| AIX7-00-002111 - AIX SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG AIX 7.x v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001120 - A BIND 9.x server must implement NIST FIPS-validated cryptography for provisioning digital signatures and generating cryptographic hashes. | DISA BIND 9.x STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after 10 minutes of inactivity - ip http secure-server | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - ip ssh server algorithm mac | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions - secure-server | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001210 - The Cisco router must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions - secure-server | DISA STIG Cisco IOS XE Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000035 - The BIG-IP Core implementation must be configured to comply with the required TLS settings in NIST SP 800-52 Revision 1 for TLS services to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000097 - The BIG-IP Core implementation must be configured to protect the authenticity of communications sessions. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000291 - The BIG-IP Core implementation must be configured to implement NIST FIPS-validated cryptography to generate cryptographic hashes when providing encryption traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SI-000203 - A private IIS 10.0 website must only accept Secure Socket Layer (SSL) connections. | DISA IIS 10.0 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000650 - JBoss must be configured to use an approved TLS version. | DISA RedHat JBoss EAP 6.3 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000730 - The JBoss server must be configured to use DoD- or CNSS-approved PKI Class 3 or Class 4 certificates. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-VN-000024 - The Juniper SRX Services Gateway VPN IKE must use NIST FIPS-validated cryptography to implement encryption services for unclassified VPN traffic. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000228 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Oracle Linux 6 v1r18 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-010210 - The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Oracle Linux 7 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040190 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - LDAP communications. | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception. | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL - postgres version | DISA STIG PostgreSQL 9.x on RHEL DB v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL - postgres version | DISA STIG PostgreSQL 9.x on RHEL OS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000228 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 6 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-010210 - The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-021620 - The Red Hat Enterprise Linux operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories - sha512 | DISA Red Hat Enterprise Linux 7 STIG v3r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040190 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. | DISA Red Hat Enterprise Linux 7 STIG v3r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040200 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - config | DISA Red Hat Enterprise Linux 7 STIG v3r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-12-010210 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs). | DISA SLES 12 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-020170 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - PAM to only store encrypted representations of passwords | DISA SLES 15 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040130 - Systems must employ cryptographic hashes for passwords using the SHA-2 family of algorithms or FIPS 140-2 approved successors - 'CRYPT_DEFAULT' | DISA STIG Solaris 11 SPARC v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040130 - Systems must employ cryptographic hashes for passwords using the SHA-2 family of algorithms or FIPS 140-2 approved successors - 'CRYPT_DEFAULT' | DISA STIG Solaris 11 X86 v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040130 - Systems must employ cryptographic hashes for passwords using the SHA-2 family of algorithms or FIPS 140-2 approved successors. | DISA STIG Solaris 11 SPARC v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-040130 - Systems must employ cryptographic hashes for passwords using the SHA-2 family of algorithms or FIPS 140-2 approved successors. | DISA STIG Solaris 11 X86 v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060010 - The operating system must use mechanisms for authentication to a cryptographic module meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG Solaris 11 SPARC v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-015700 - SQL Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG SQL Server 2016 Instance OS Audit v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010180 - The pam_unix.so module must use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010370 - The Ubuntu operating system must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010110 - The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords - ENCRYPT_METHOD | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - autrace | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONS | Oracle WebLogic Server 12c v1r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATH | Oracle WebLogic Server 12c v1r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - PRE_CLASSPATH | Oracle WebLogic Server 12c v1r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - PRE_CLASSPATH | Oracle WebLogic Server 12c v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - PRE_CLASSPATH | Oracle WebLogic Server 12c v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000214 - Oracle WebLogic must utilize NSA-approved cryptography when protecting classified compartmentalized data - PRE_CLASSPATH | Oracle WebLogic Server 12c v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000031 - The Windows 2012 DNS Server must implement NIST FIPS-validated cryptography for provisioning digital signatures, generating cryptographic hashes, and protecting unclassified information requiring confidentiality. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000074 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
