| AIOS-17-007200 - Apple iOS/iPadOS 17 must not include applications with the following characteristics: access to Siri when the device is locked. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-007200 - Apple iOS/iPadOS 17 must not include applications with the following characteristics: access to Siri when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v2r5 | Unix | |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v2r8 | Unix | |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v2r6 | Unix | |
| CISC-RT-000050 - The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | DISA STIG Cisco IOS XE Router RTR v2r9 | Cisco | |
| CISC-RT-000050 - The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | DISA STIG Cisco IOS-XR Router RTR v2r4 | Cisco | |
| CISC-RT-000050 - The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | DISA STIG Cisco IOS Router RTR v2r6 | Cisco | |
| CISC-RT-000050 - The Cisco switch must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | DISA STIG Cisco IOS XE Switch RTR v2r5 | Cisco | |
| CISC-RT-000050 - The Cisco switch must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime. | DISA STIG Cisco IOS Switch RTR v2r5 | Cisco | |
| DTOO257 - S/Mime interoperability with external clients for message handling must be configured. | DISA STIG Microsoft Outlook 2016 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - fips_mode | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - hostssl | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - openssl_conf | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version | EDB PostgreSQL Advanced Server v11 DB Audit v2r2 | PostgreSQLDB | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version | EDB PostgreSQL Advanced Server v11 DB Audit v2r3 | PostgreSQLDB | |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r3 | Windows | |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | MobileIron - DISA Google Android 14 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | AirWatch - DISA Google Android 14 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | MobileIron - DISA Google Android 14 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v2r2 OS | Unix | |
| MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-C2-015700 - The DBMS must use NIST-validated FIPS 140-2-compliant cryptography for authentication mechanisms. | DISA STIG Oracle 11.2g v2r2 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000253 - OHS must have the LoadModule ossl_module directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000260 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL - fips_enabled | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-252065 - RHEL 9 libreswan package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 9 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010220 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | DISA SLES 12 STIG v2r9 | Unix | |
| SLES-12-010220 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | DISA SLES 12 STIG v2r6 | Unix | |
| SLES-12-010220 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | DISA SLES 12 STIG v2r11 | Unix | |
| SLES-12-010220 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | DISA SLES 12 STIG v2r7 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - nullok | DISA SLES 12 STIG v2r7 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - nullok | DISA SLES 12 STIG v2r9 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - nullok | DISA SLES 12 STIG v2r6 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - sha512 | DISA SLES 12 STIG v2r7 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - sha512 | DISA SLES 12 STIG v2r9 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. | DISA SLES 12 STIG v2r12 | Unix | |
| SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords. | DISA SLES 12 STIG v2r11 | Unix | |
| SLES-12-010240 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords - SHA_CRYPT_MIN_ROUNDS | DISA SLES 12 STIG v2r7 | Unix | |
| SLES-12-010240 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords - SHA_CRYPT_MIN_ROUNDS | DISA SLES 12 STIG v2r9 | Unix | |
| SLES-12-010240 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords - SHA_CRYPT_MIN_ROUNDS | DISA SLES 12 STIG v2r6 | Unix | |
| SLES-12-010240 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords. | DISA SLES 12 STIG v2r12 | Unix | |
| SOL-11.1-060010 - The operating system must use mechanisms for authentication to a cryptographic module meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG Solaris 11 X86 v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r3 | Windows | |
| UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords - ENCRYPT_METHOD | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords - sha512 | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
