| AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - OpenSSH version | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD service disabled | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - OpenSSH version | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - SSHD currently running | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - SSHD service disabled | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-000011 - The macOS system must disable the SSHD service. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-000011 - The macOS system must disable the SSHD service. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_module | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocol | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enable SSH for Remote Access Sessions | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-001070 - FIPS mode must be enabled on all Docker Engine - Enterprise nodes - docker info .SecurityOptions | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| VCFL-67-000006 - vSphere Client must be configured to enable SSL/TLS. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-70-000009 - The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000009 The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
