| AADC-CL-000955 - Adobe Acrobat Pro DC Classic FIPS mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000530 - The Cisco router must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ssh algorithm | DISA STIG Cisco IOS XE Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000530 - The Cisco switch must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ip ssh server algorithm | DISA STIG Cisco IOS XE Switch NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server | DISA STIG Cisco IOS Switch NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm encryption | DISA STIG Cisco IOS Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm encryption | DISA STIG Cisco IOS Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm encryption | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm mac | DISA STIG Cisco IOS XE Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - secure-server | DISA STIG Cisco IOS Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - secure-server | DISA STIG Cisco IOS Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - secure-server | DISA STIG Cisco IOS XE Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco switch must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm mac | DISA STIG Cisco IOS Switch NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco switch must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm mac | DISA STIG Cisco IOS Switch NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco switch must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm mac | DISA STIG Cisco IOS XE Switch NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001210 - The Cisco router must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions - ssh server algorithm | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001210 - The Cisco switch must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions. | DISA STIG Cisco IOS Switch NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001210 - The Cisco switch must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions. | DISA STIG Cisco IOS XE Switch NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-009100 - The EDB Postgres Advanced Server must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000246 - Cookies exchanged between the IIS 8.5 website and the client must use SSL/TLS, have cookie properties set to prohibit client-side scripts from reading the cookie data and must not be compressed - requireSSL | DISA IIS 8.5 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021620 - The Oracle Linux operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories - sha512 | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021620 - The Oracle Linux operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories - sha512 | DISA Oracle Linux 7 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040190 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - LDAP communications. | DISA Oracle Linux 7 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040200 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - config | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception. | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL - fips_enabled | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000244 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 6 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040190 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. | DISA Red Hat Enterprise Linux 7 STIG v3r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040200 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - config | DISA Red Hat Enterprise Linux 7 STIG v3r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040400 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 7 STIG v3r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000085 - SharePoint must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. | DISA STIG SharePoint 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000085 - SharePoint must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. | DISA STIG SharePoint 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000095 - SharePoint must employ NSA-approved cryptography to protect classified information. | DISA STIG SharePoint 2013 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000100 - SharePoint must employ FIPS-validated cryptography to protect unclassified information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals. | DISA STIG SharePoint 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000145 - SharePoint must use mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG SharePoint 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-030230 - The Ubuntu operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010005 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010005 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010104 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010411 - The Ubuntu operating system must implement DoD-approved encryption to protect the confidentiality of remote access sessions. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditd | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - aureport | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - aureport | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONS | Oracle WebLogic Server 12c v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONS | Oracle WebLogic Server 12c v1r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONS | Oracle WebLogic Server 12c v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - PRE_CLASSPATH | Oracle WebLogic Server 12c v1r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN19-DC-000140 - Windows Server 2019 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2019 STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
