AIX7-00-003100 - The AIX SSH daemon must be configured to only use FIPS 140-2 approved ciphers - Approved List | DISA STIG AIX 7.x v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
AIX7-00-003100 - The AIX SSH daemon must be configured to only use FIPS 140-2 approved ciphers - CBC | DISA STIG AIX 7.x v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000530 - The Cisco router must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ssh algorithm | DISA STIG Cisco IOS Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000530 - The Cisco switch must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ip ssh server algorithm | DISA STIG Cisco IOS Switch NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server | DISA STIG Cisco IOS Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server | DISA STIG Cisco IOS Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm encryption | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - secure-server | DISA STIG Cisco IOS Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001200 - The Cisco switch must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm mac | DISA STIG Cisco IOS XE Switch NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001210 - The Cisco router must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions - secure-server | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CISC-ND-001210 - The Cisco switch must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions. | DISA STIG Cisco IOS Switch NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
EX13-MB-000115 - Exchange internal Receive connectors must use Domain Security (mutual authentication Transport Layer Security) - mutual authentication Transport Layer Security. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000050 - Exchange external Receive connectors must be domain secure-enabled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - DomainSecureEnabled | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsDomain | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
EX16-MB-002900 - Exchange must use encryption for RPC client access. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
F5BI-LT-000037 - The BIG-IP Core implementation must be configured to use NIST SP 800-52 Revision 1 compliant cryptography to protect the integrity of remote access sessions to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
IIST-SI-000242 - The IIS 10.0 private website must employ cryptographic mechanisms (TLS) and require client certificates. | DISA IIS 10.0 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
O112-C2-015700 - The DBMS must use NIST-validated FIPS 140-2-compliant cryptography for authentication mechanisms. | DISA STIG Oracle 11.2g v2r2 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OH12-1X-000295 - OHS must have the SSLFIPS directive enabled to implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting data that must be compartmentalized. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL07-00-010210 - The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL07-00-010220 - The Oracle Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Oracle Linux 7 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL07-00-040180 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications - LDAP authentication communications. | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL07-00-040400 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000141 - The Palo Alto Networks security platform providing encryption intermediary services must implement NIST FIPS-validated cryptography to generate cryptographic hashes. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
PGS9-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PGS9-00-012300 - PostgreSQL must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL - fips_enabled | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL - kernel | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | EDB PostgreSQL Advanced Server OS Linux Audit v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-012800 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | EDB PostgreSQL Advanced Server OS Linux Audit v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-012900 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the requirements of the data owner. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-012900 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the requirements of the data owner. | EDB PostgreSQL Advanced Server OS Linux Audit v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-06-000064 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (libuser.conf) - libuser.conf. | DISA Red Hat Enterprise Linux 6 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-021620 - The Red Hat Enterprise Linux operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories - sha512 | DISA Red Hat Enterprise Linux 7 STIG v3r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-040180 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications. | DISA Red Hat Enterprise Linux 7 STIG v3r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-040180 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications. | DISA Red Hat Enterprise Linux 7 STIG v3r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-07-040190 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. | DISA Red Hat Enterprise Linux 7 STIG v3r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SOL-11.1-060010 - The operating system must use mechanisms for authentication to a cryptographic module meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG Solaris 11 X86 v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SP13-00-000145 - SharePoint must use mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG SharePoint 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
SQL6-D0-008400 - SQL Server must enforce authorized access to all PKI private keys stored/utilized by SQL Server. | DISA STIG SQL Server 2016 Instance OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
SQL6-D0-009200 - SQL Server must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values. | DISA STIG SQL Server 2016 Instance OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
SQL6-D0-015800 - SQL Server must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG SQL Server 2016 Instance OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
UBTU-18-010104 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords - ENCRYPT_METHOD | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords - sha512 | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WN12-SO-000074 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |