Item Search

NameAudit NamePluginCategory
1.1.3.14.1 Configure 'System cryptography: Force strong key protection for user keys stored on the computer'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Windows 7 Workstation Level 2 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

AOSX-13-067035 - The macOS system must enable certificate for smartcards.DISA STIG Apple Mac OSX 10.13 v2r5Unix

IDENTIFICATION AND AUTHENTICATION

APPNET0052 - Encryption keys used for the .NET Strong Name Membership Condition must be protected.DISA STIG for Microsoft Dot Net Framework 4.0 v2r4Windows

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001110 - The TSIG keys used with the BIND 9.x implementation must be owned by a privileged account.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001112 - The read and write access to a TSIG key file used by a BIND 9.x server must be restricted to only the account that runs the name server software.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001133 - The BIND 9.x server private key corresponding to the ZSK pair must be the only DNSSEC key kept on a name server that supports dynamic updates.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001150 - The BIND 9.x server signature generation using the KSK must be done off-line, using the KSK-private key stored off-line.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CD12-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002380 - The certificate chain used by Universal Control Plane (UCP) client bundles must match what is defined in the System Security Plan (SSP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002400 - Docker Enterprise Swarm manager must be run in auto-lock mode.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

IDENTIFICATION AND AUTHENTICATION

EPAS-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/used by the EDB Postgres Advanced Server.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

MADB-10-004100 - MariaDB must enforce authorized access to all PKI private keys stored/used by the DBMS.DISA MariaDB Enterprise 10.x v2r1 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

MD3X-00-000360 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

IDENTIFICATION AND AUTHENTICATION

MD4X-00-003100 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0.DISA Oracle MySQL 8.0 v2r1 OS LinuxUnix

IDENTIFICATION AND AUTHENTICATION

MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0.DISA Oracle MySQL 8.0 v2r1 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

O112-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 11.2g v2r5 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O112-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 11.2g v2r5 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

O121-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 12c v3r1 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O121-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 12c v3r1 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

OL08-00-010100 - OL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.DISA Oracle Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/utilized by the EDB Postgres Advanced Server.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010100 - RHEL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-611190 - RHEL 9, for PKI-based authentication, must enforce authorized access to the corresponding private key.DISA Red Hat Enterprise Linux 9 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

SQL6-D0-008400 - SQL Server must enforce authorized access to all PKI private keys stored/utilized by SQL Server.DISA STIG SQL Server 2016 Instance OS Audit v3r1Windows

IDENTIFICATION AND AUTHENTICATION

VCFL-67-000018 - vSphere Client must ensure appropriate permissions are set on the keystore.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-67-000025 - VAMI must protect the keystore from unauthorized access.DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-70-000017 - VAMI must protect the keystore from unauthorized access - MIME that invoke OS shell programs disabled.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-80-000040 The vCenter VAMI service must restrict access to the web server's private key.DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

VCPG-67-000014 - VMware Postgres must enforce authorized access to all PKI private keys.DISA STIG VMware vSphere 6.7 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCPG-70-000012 - VMware Postgres must enforce authorized access to all public key infrastructure (PKI) private keys.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCRP-67-000007 - The rhttpproxy private key file must be protected from unauthorized access.DISA STIG VMware vSphere 6.7 RhttpProxy v1r3Unix

IDENTIFICATION AND AUTHENTICATION

VCRP-70-000005 - The Envoy private key file must be protected from unauthorized access.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000006 - The Windows 2012 DNS Server must be configured to enforce authorized access to the corresponding private key.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000007 - The Windows 2012 DNS Server key file must be owned by the account under which the Windows 2012 DNS Server service is run.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000008 - The Windows 2012 DNS Server permissions must be set so that the key file can only be read or modified by the account that runs the name server software.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION

WN12-SO-000092 - Users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION

WN19-SO-000350 - Windows Server 2019 users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2019 STIG v3r1Windows

IDENTIFICATION AND AUTHENTICATION

WN22-SO-000350 - Windows Server 2022 users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2022 STIG v2r1Windows

IDENTIFICATION AND AUTHENTICATION