Item Search

NameAudit NamePluginCategory
AIX7-00-003004 - AIX SSH private host key files must have mode 0600 or less permissive.DISA STIG AIX 7.x v2r9Unix

IDENTIFICATION AND AUTHENTICATION

AOSX-14-003002 - The macOS system must enable certificate for smartcards.DISA STIG Apple Mac OSX 10.14 v2r6Unix

IDENTIFICATION AND AUTHENTICATION

APPNET0052 - Encryption keys used for the .NET Strong Name Membership Condition must be protected.DISA STIG for Microsoft Dot Net Framework 4.0 v2r4Windows

IDENTIFICATION AND AUTHENTICATION

AS24-U2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private key.DISA STIG Apache Server 2.4 Unix Site v2r4Unix

IDENTIFICATION AND AUTHENTICATION

AS24-U2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private key.DISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

AS24-W2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private key.DISA STIG Apache Server 2.4 Windows Site v2r1Windows

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001110 - The TSIG keys used with the BIND 9.x implementation must be owned by a privileged account.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001111 - The TSIG keys used with the BIND 9.x implementation must be group owned by a privileged account.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001150 - The BIND 9.x server signature generation using the KSK must be done off-line, using the KSK-private key stored off-line.DISA BIND 9.x STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CD12-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002380 - The certificate chain used by Universal Control Plane (UCP) client bundles must match what is defined in the System Security Plan (SSP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002400 - Docker Enterprise Swarm manager must be run in auto-lock mode.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002410 - Docker Enterprise secret management commands must be used for managing secrets in a Swarm cluster.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

IDENTIFICATION AND AUTHENTICATION

EP11-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/utilized by the EDB Postgres Advanced Server.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

IDENTIFICATION AND AUTHENTICATION

EPAS-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/used by the EDB Postgres Advanced Server.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

JBOS-AS-000320 - The JBoss server must be configured to restrict access to the web servers private key to authenticated system administrators.DISA RedHat JBoss EAP 6.3 STIG v2r4Unix

IDENTIFICATION AND AUTHENTICATION

MADB-10-004100 - MariaDB must enforce authorized access to all PKI private keys stored/used by the DBMS.DISA MariaDB Enterprise 10.x v2r1 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

MD3X-00-000360 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

IDENTIFICATION AND AUTHENTICATION

MD4X-00-003100 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0.DISA Oracle MySQL 8.0 v2r1 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0.DISA Oracle MySQL 8.0 v2r1 OS LinuxUnix

IDENTIFICATION AND AUTHENTICATION

O112-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 11.2g v2r5 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O121-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 12c v3r1 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

OL08-00-010100 - OL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.DISA Oracle Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/utilized by the EDB Postgres Advanced Server.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010100 - RHEL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.DISA Red Hat Enterprise Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-611190 - RHEL 9, for PKI-based authentication, must enforce authorized access to the corresponding private key.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

SQL6-D0-008400 - SQL Server must enforce authorized access to all PKI private keys stored/utilized by SQL Server.DISA STIG SQL Server 2016 Instance OS Audit v3r1Windows

IDENTIFICATION AND AUTHENTICATION

VCFL-67-000018 - vSphere Client must ensure appropriate permissions are set on the keystore.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-67-000025 - VAMI must protect the keystore from unauthorized access.DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-70-000017 - VAMI must protect the keystore from unauthorized access - MIME that invoke OS shell programs disabled.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-80-000040 The vCenter VAMI service must restrict access to the web server's private key.DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

VCPG-67-000014 - VMware Postgres must enforce authorized access to all PKI private keys.DISA STIG VMware vSphere 6.7 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCPG-70-000012 - VMware Postgres must enforce authorized access to all public key infrastructure (PKI) private keys.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCRP-67-000007 - The rhttpproxy private key file must be protected from unauthorized access.DISA STIG VMware vSphere 6.7 RhttpProxy v1r3Unix

IDENTIFICATION AND AUTHENTICATION

VCRP-70-000005 - The Envoy private key file must be protected from unauthorized access.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000006 - The Windows 2012 DNS Server must be configured to enforce authorized access to the corresponding private key.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000008 - The Windows 2012 DNS Server permissions must be set so that the key file can only be read or modified by the account that runs the name server software.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000009 - The private key corresponding to the ZSK must only be stored on the name server that does support dynamic updates.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION

WN16-SO-000420 - Users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2016 STIG v2r9Windows

IDENTIFICATION AND AUTHENTICATION

WN22-SO-000350 - Windows Server 2022 users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2022 STIG v2r2Windows

IDENTIFICATION AND AUTHENTICATION