Item Search

NameAudit NamePluginCategory
20.54 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.54 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

CD12-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

CD12-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CD12-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-009100 - DB2 must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG IBM DB2 v10.5 LUW v2r1 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-009100 - DB2 must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG IBM DB2 v10.5 LUW v2r1 OS WindowsWindows

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-009200 - DB2 must maintain the confidentiality and integrity of information during reception.DISA STIG IBM DB2 v10.5 LUW v2r1 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception.EDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

EPAS-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception.EnterpriseDB PostgreSQL Advanced Server DB v2r1PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-70-000074 - The ESXi host must exclusively enable Transport Layer Security (TLS) 1.2 for all endpoints.DISA STIG VMware vSphere 7.0 ESXi v1r2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-80-000161 The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000238 Exchange must render hyperlinks from email sources from non-.mil domains as unclickable.DISA Microsoft Exchange 2019 Edge Server STIG v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-008900 - MariaDB must maintain the confidentiality and integrity of information during preparation for transmission.DISA MariaDB Enterprise 10.x v2r1 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-009000 - MariaDB must maintain the confidentiality and integrity of information during reception.DISA MariaDB Enterprise 10.x v2r1 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MD4X-00-006000 - MongoDB must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MD4X-00-006100 - MongoDB must maintain the confidentiality and integrity of information during reception.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-011300 - The MySQL Database Server 8.0 must maintain the confidentiality and integrity of information during preparation for transmission.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures.DISA STIG Oracle 11.2g v2r5 WindowsWindows

SYSTEM AND COMMUNICATIONS PROTECTION

O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures.DISA STIG Oracle 11.2g v2r5 LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000324 - OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000326 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during preparation for transmission - SSLEngineDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000326 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during preparation for transmission - SSLProtocolDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000329 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WLSSLWallet directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000330 - If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLSProxySSL directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000332 - OHS must have the SSLFIPS directive enabled to maintain the confidentiality and integrity of information during reception.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLEngineDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLProtocolDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLWalletDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000334 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality and integrity of information during reception.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000336 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WLSSLWallet directive enabled to maintain the confidentiality and integrity of information during reception.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PGS9-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PGS9-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

PPS9-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-672050 - RHEL 9 must implement DOD-approved encryption in the bind package.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060090 - The operating system must maintain the integrity of information during aggregation, packaging, and transformation in preparation for transmission.DISA STIG Solaris 11 SPARC v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060090 - The operating system must maintain the integrity of information during aggregation, packaging, and transformation in preparation for transmission.DISA STIG Solaris 11 X86 v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-060120 - The operating system must maintain the confidentiality of information during aggregation, packaging, and transformation in preparation for transmission.DISA STIG Solaris 11 X86 v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SP13-00-000120 - SharePoint must maintain the confidentiality of information during aggregation, packaging, and transformation in preparation for transmission. When transmitting data, applications need to leverage transmission protection mechanisms such as TLS, SSL VPNs, or IPSec.DISA STIG SharePoint 2013 v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SQL4-00-035000 - The confidentiality and integrity of information managed by SQL Server must be maintained during preparation for transmission.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-70-000024 - VAMI must implement Transport Layer Security (TLS) 1.2 exclusively.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001620 - The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001620 - The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001620 - The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WDNS-SC-000030 - The Windows 2012 DNS Server must maintain the integrity of information during reception.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-00-000260 - Windows Server 2022 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.DISA Windows Server 2022 STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION