| AIOS-17-007200 - Apple iOS/iPadOS 17 must not include applications with the following characteristics: access to Siri when the device is locked. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-007200 - Apple iOS/iPadOS 17 must not include applications with the following characteristics: access to Siri when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| ARST-RT-000280 - The Arista router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| CASA-VN-000230 - The Cisco ASA must be configured to use FIPS-validated SHA-2 at 384 bits or higher for Internet Key Exchange (IKE) Phase 1 - IKE Phase 1. | DISA STIG Cisco ASA VPN v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
| DTOO257 - S/Mime interoperability with external clients for message handling must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO260 - Message formats must be set to use SMime. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO262 - Run in FIPS compliant mode must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004950 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST-certified FIPS 140-2 or 140-3 installation of OpenSSL. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| F5BI-DM-000135 - The BIG-IP appliance must be configured to use mechanisms meeting the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000255 - The FortiGate device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes - CRYPT_ALGORITHMS_ALLOW | DISA STIG Solaris 10 SPARC v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes - CRYPT_ALGORITHMS_ALLOW | DISA STIG Solaris 10 X86 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes - CRYPT_DEFAULT | DISA STIG Solaris 10 X86 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes - CRYPT_DEFAULT | DISA STIG Solaris 10 SPARC v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000590 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | MobileIron - DISA Google Android 14 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | AirWatch - DISA Google Android 14 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006700 - Google Android 14 allowlist must be configured to not include applications with the following characteristics: | MobileIron - DISA Google Android 14 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| JUEX-L2-000030 - The Juniper layer 2 switch must be configured to disable all dynamic VLAN registration protocols. | DISA Juniper EX Series Layer 2 Switch v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r1 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-006200 - The MySQL Database Server 8.0 must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-015700 - The DBMS must use NIST-validated FIPS 140-2-compliant cryptography for authentication mechanisms. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000253 - OHS must have the LoadModule ossl_module directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000260 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000062 - The system must use a FIPS 140-2-approved cryptographic hashing algorithm for generating account password hashes (system-auth). | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000064 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (libuser.conf) - libuser.conf. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010159 - The OL 8 'pam_unix.so' module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010160 - The OL 8 'pam_unix.so' module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010161 - OL 8 must prevent system daemons from using Kerberos for authentication. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010162 - The krb5-workstation package must not be installed on OL 8. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000059 The Photon operating system must use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-252065 - RHEL 9 libreswan package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-611205 - RHEL 9 must prevent system daemons from using Kerberos for authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-672025 - RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000430 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000280 - Symantec ProxySG must be configured to use only FIPS 140-2 approved algorithms for authentication to a cryptographic module with any application or protocol. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-611070 - Ubuntu 22.04 LTS must encrypt all stored passwords with a FIPS 140-3-approved cryptographic hashing algorithm. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-SO-000350 - Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-SO-000290 - Windows Server 2022 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
