AOSX-14-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple Mac OSX 10.14 v2r1 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple Mac OSX 10.15 v1r5 | Unix | CONFIGURATION MANAGEMENT |
AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple Mac OSX 10.15 v1r7 | Unix | CONFIGURATION MANAGEMENT |
APPL-12-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
APPL-13-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 13 v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session | DISA STIG Apache Server 2.4 Unix Server v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - SessionCookieName | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | DISA STIG Apache Server 2.4 Unix Site v2r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - Session On | DISA STIG Apache Server 2.4 Unix Site v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - session_cookie_module | DISA STIG Apache Server 2.4 Unix Site v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - session_cookie_module | DISA STIG Apache Server 2.4 Unix Site v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-W2-000860 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-W2-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session On | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - Session On | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-65-000050 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting IP based management traffic. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
EX13-CA-000150 - Exchange OWA must use https - Internal | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX13-EG-000340 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000680 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - DomainSecureEnabled | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - RequireTLS | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsAuthLevel | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsDomain | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsDomain | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SI-000246 - Cookies exchanged between the IIS 10.0 website and the client must have cookie properties set to prohibit client-side scripts from reading the cookie data - compressionEnabled | DISA IIS 10.0 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SI-000246 - Cookies exchanged between the IIS 10.0 website and the client must have cookie properties set to prohibit client-side scripts from reading the cookie data - requireSSL | DISA IIS 10.0 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SI-000246 - Cookies exchanged between the IIS 10.0 website and the client must have cookie properties set to prohibit client-side scripts from reading the cookie data. | DISA IIS 10.0 Site v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SV-000152 - IIS 10.0 web server session IDs must be sent to the client using TLS. | DISA IIS 10.0 Server v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS version | DISA IIS 10.0 Server v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version. | DISA IIS 10.0 Server v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SI-000244 - IIS 8.5 website session IDs must be sent to the client using TLS. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SI-000246 - Cookies exchanged between the IIS 8.5 website and the client must use SSL/TLS, have cookie properties set to prohibit client-side scripts from reading the cookie data and must not be compressed - requireSSL | DISA IIS 8.5 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SV-000152 - IIS 8.5 web server session IDs must be sent to the client using TLS. | DISA IIS 8.5 Server v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
IISW-SV-000152 - IIS 8.5 web server session IDs must be sent to the client using TLS. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
OH12-1X-000309 - OHS must have the SSLFIPS directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL07-00-040310 - The Oracle Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | DISA Oracle Linux 7 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
PHTN-67-000009 - The Photon operating system must configure sshd to use approved encryption algorithms. | DISA STIG VMware vSphere 6.7 Photon OS v1r3 | Unix | |
SOL-11.1-060070 - The operating system must protect the integrity of transmitted information. | DISA STIG Solaris 11 X86 v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SPLK-CL-000070 - Splunk Enterprise must use SSL to protect the confidentiality and integrity of transmitted information. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
UBTU-18-010521 - The Ubuntu operating system must disable all wireless network adapters. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WDNS-SC-000028 - The Windows 2012 DNS Server must protect the integrity of transmitted information. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN11-SO-000035 - Outgoing secure channel traffic must be encrypted or signed. | DISA Windows 11 STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN11-SO-000040 - Outgoing secure channel traffic must be encrypted. | DISA Windows 11 STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN12-SO-000090-DC - Domain controllers must require LDAP access signing. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r6 | Windows | |
WN12-SO-000090-DC - Domain controllers must require LDAP access signing. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r4 | Windows | |