1.8 SSH Strong Algorithm - c) Disable encryption aes128-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
1.8 SSH Strong Algorithm - e) Disable encryption aes256-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
1.8 SSH Strong Algorithm - f) Disable encryption blowfish-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
1.8 SSH Strong Algorithm - j) Disable diffie-hellman group1-sha1 | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
2.3.27.11 Ensure 'Disable password to open UI' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon --tlskey | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon - tlscacert | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon --tlscacert | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.11 El Capitan L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.9 Configure TLS authentication for Docker daemon '--tlskey'' | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.5 Ensure 'Protect Document Metadata for Rights Managed Office Open XML Files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.6 Ensure 'Protect Document Metadata for Password Protected Files' is set to Enabled | CIS Microsoft Office 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.8 Ensure 'Encryption Type for Password Protected Office Open XML Files' is set to Enabled | CIS Microsoft Office 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.9 Ensure 'Encryption Type for Password Protected Office 97-2003 files' is set to Enabled | CIS Microsoft Office 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.1620 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents and directories. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.10 Set 'Enable S/MIME for OWA 2010' to 'True' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.21 - FIPS Compliant cryptographic Module should be used - JAVA_PROPERTIES | TNS Oracle WebLogic Server 11 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
4.1 Use TSIG Keys 256 Bits in Length | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
4.400 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved algorithms. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.12 Ensure only approved MAC algorithms are used | CIS SUSE Linux Enterprise Server 11 L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.13 Ensure only strong Ciphers are used | CIS Oracle Linux 7 Server L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.15 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.15 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.15 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.20 Ensure SSH PAM is enabled | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.20 Ensure SSH PAM is enabled | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.20 Ensure system-wide crypto policy is not over-ridden | CIS Red Hat EL8 Workstation L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.26 Ensure only FIPS 140-2 MACs are used for SSH | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.4.1.7 Ensure account administration utilities are configured to store only encrypted representations of passwords. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.06 OAS - Encryption Method (FIPS 140) - 'SQLNET.ENCRYPTION_TYPES_SERVER=(DES|DES40)' | CIS Oracle 9 10 Windows Level2 v2.01 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
6.1.2 Set SSH Protocol to 2 - Check if Protocol is set to 2 and not commented for client. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.5 Ensure sslProtocol is set to TLS for Secure Connectors (verify sslProtocol is set to TLS) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW' | CIS Solaris 10 L2 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.4 Force SSL when accessing the manager application | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.12 Force SSL for all applications | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Android Device Configuration - Encryption | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
Brocade - Enable HTTPS | Tenable Best Practices Brocade FabricOS | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
Citrix ADC - System Parameters - FIPS mode | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
Citrix ADM - SSL - Settings - TLSv1.1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
Configure Control Plane Security Parameters | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'net.ssl.mode = requireSSL' | TNS MongoDB 2.6 Best Practices Linux OS Audit v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'security.clusterAuthMode = keyFile' | TNS MongoDB 2.6 Best Practices Linux OS Audit v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'sslFIPSMode = true' | TNS MongoDB 2.4 Best Practices Linux OS Audit v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'sslFIPSMode = true' | TNS MongoDB 2.4 Best Practices Windows OS Audit v1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
OpenStack Identity - Identity uses strong hashing algorithms for PKI tokens | TNS OpenStack Keystone/Identity Security Guide | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - BGP | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
TFTP vs SFTP and SCP - ip ssh filetransfer | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |