| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - etc | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - grub | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - proc | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpm | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-000955 - Adobe Acrobat Pro DC Classic FIPS mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000570 - The macOS system must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000750 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 11 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 13 v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000057 - The macOS system must limit SSH to FIPS-compliant connections. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000057 - The macOS system must limit SSH to FIPS-compliant connections. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-006240 - Docker Enterprise data exchanged between Linux containers on different nodes must be encrypted on the overlay network. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000291 - The BIG-IP Core implementation must be configured to implement NIST FIPS-validated cryptography to generate cryptographic hashes when providing encryption traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000293 - The BIG-IP Core implementation must be configured to implement NIST FIPS-validated cryptography for digital signatures when providing encrypted traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000295 - The BIG-IP Core implementation must be configured to use NIST FIPS-validated cryptography to implement encryption services when providing encrypted traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000534 - The Oracle Linux 6 operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021350 - The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grub. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021350 - The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - rpm. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-021350 - The Oracle Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000009 - The Photon operating system must configure sshd to use approved encryption algorithms. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-67-000009 - The Photon operating system must configure sshd to use approved encryption algorithms. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-67-000067 - The Photon operating system must configure sshd to use FIPS 140-2 ciphers. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grub | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000534 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - proc | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-021350 - The Red Hat Enterprise Linux operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-671010 - RHEL 9 must enable FIPS mode. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-672010 - RHEL 9 must have the crypto-policies package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-672020 - RHEL 9 crypto policy must not be overridden. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-672045 - RHEL 9 must implement a systemwide encryption policy. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060060 - The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures. | DISA STIG Solaris 11 X86 v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000095 - SharePoint must employ NSA-approved cryptography to protect classified information. | DISA STIG SharePoint 2013 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-015800 - SQL Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG SQL Server 2016 Instance OS Audit v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010005 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-70-000002 - VAMI must be configured with FIPS 140-2 compliant ciphers for HTTPS connections. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCRP-70-000003 - Envoy must be configured to operate in FIPS mode. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 10 STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-AD-000011-DC - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN19-DC-000140 - Windows Server 2019 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2019 STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN19-SO-000360 - Windows Server 2019 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2019 STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
