1.1.3.14.2 Set 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.6 Support Web Access Security - b) ssl-context field | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
1.8 SSH Strong Algorithm - g) Disable hmac md5 | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
1.12 Set 'External send connector authentication: Domain Security' to 'True' | CIS Microsoft Exchange Server 2013 Edge v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon - tlscacert | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon - tlskey | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.9 Mavericks L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.10 Set 'Configure startup mode' to 'TLS' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.12 Set 'Configure dial plan security' to 'Secured' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.17 Set 'Support the following message formats:' to 'Enabled:S/MIME and Fortezza' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.8 Ensure 'Encryption Type for Password Protected Office Open XML Files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.10 Ensure 'Disable Password to Open UI' is set to Disabled | CIS Microsoft Office 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.9 - FIPS Compliant cryptographic Module should be used - JAVA_PROPERTIES | TNS Oracle WebLogic Server 10 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.9 - FIPS Compliant cryptographic Module should be used - PRE_CLASSPATH | TNS Oracle WebLogic Server 10 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.21 - FIPS Compliant cryptographic Module should be used - PRE_CLASSPATH | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.1 Set 'Secure Protocol combinations' to 'Enabled:Only use TLS 1.0' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.11 Ensure only approved ciphers are used | CIS Amazon Linux v2.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.13 Ensure only strong Ciphers are used | CIS Oracle Linux 7 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Oracle Linux 7 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.4.1.6 Ensure encrypted respresentation of passwords is set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.2 Ensure SSLEnabled is set to True for Sensitive Connectors(verify SSLEnabled is set to true) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.2 Ensure SSLEnabled is set to True for Sensitive Connectors(verify SSLEnabled is set to true) | CIS Apache Tomcat 8 L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.4 Ensure secure is set to true only for SSL-enabled Connectors (verify secure is set to true) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.4 Ensure secure is set to true only for SSL-enabled Connectors (verify secure is set to true) | CIS Apache Tomcat 8 L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.5 Ensure sslProtocol is set to TLS for Secure Connectors (verify sslProtocol is set to TLS) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.5 Ensure sslProtocol is set to TLS for Secure Connectors (verify sslProtocol is set to TLS) | CIS Apache Tomcat 8 L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4 Ensure TLS 1.0 is disabled | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.5 Ensure TLS 1.1 is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.6 Ensure TLS 1.2 is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.9 Ensure RC2 Cipher Suites is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.10 Ensure RC4 Cipher Suites is disabled - RC4 64/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.12 Ensure AES 128/128 Cipher Suite is configured | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.14 Ensure TLS Cipher Suite ordering is configured | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
8.6 Ensure Full Digital Chain of Trust can be Validated | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
9.6 Ensure Signing Keys are Scheduled to be Replaced Periodically - KSK | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.4 Force SSL when accessing the manager application | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.12 Force SSL for all applications | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
18.8.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Brocade : 'SupportFTP parameters are set to SCP' | TNS Brocade FabricOS Best Practices | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Office System 2010 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO195 - Passwords for secured documents must be enforced. | DISA STIG Office System 2010 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'net.ssl.FIPSMode = true' | TNS MongoDB 2.6 Best Practices Linux OS Audit v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'sslPEMKeyFile' | TNS MongoDB 2.4 Best Practices Windows OS Audit v1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Fortigate - Encrypt logs sent to FortiAnalyzer/FortiManager | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
WG340 - A Private web server is not using TLS - 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |