Item Search

Name	Audit Name	Plugin	Category
AIX7-00-002097 - AIX must protect the confidentiality and integrity of transmitted information during preparation for transmission and maintain the confidentiality and integrity of information during reception and disable all non-encryption network access methods.	DISA STIG AIX 7.x v2r9	Unix	MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-13-000605 - The macOS system must not use telnet.	DISA STIG Apple Mac OSX 10.13 v2r5	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - OpenSSH version	DISA STIG Apple Mac OSX 10.15 v1r10	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - SSHD currently running	DISA STIG Apple Mac OSX 10.15 v1r10	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-15-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions, including transmitted data and data during preparation for transmission, and use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications - SSHD service disabled	DISA STIG Apple Mac OSX 10.15 v1r10	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
APPL-11-000011 - The macOS system must disable the SSHD service.	DISA STIG Apple macOS 11 v1r8	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
APPL-11-000011 - The macOS system must disable the SSHD service.	DISA STIG Apple macOS 11 v1r5	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
APPL-13-000056 - The macOS system must implement approved Key Exchange Algorithms within the SSH server configuration.	DISA STIG Apple macOS 13 v1r4	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
APPL-14-000054 - The macOS system must limit SSHD to FIPS-compliant connections.	DISA Apple macOS 14 (Sonoma) STIG v1r2	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
Big Sur - Limit SSH to FIPS 140 Validated Message Authentication Code Algorithms	NIST macOS Big Sur v1.4.0 - 800-53r5 High	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
Big Sur - Limit SSH to FIPS 140 Validated Message Authentication Code Algorithms	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
Catalina - Enable SSH for Remote Access Sessions	NIST macOS Catalina v1.5.0 - All Profiles	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-001070 - FIPS mode must be enabled on all Docker Engine - Enterprise nodes - docker info .SecurityOptions	DISA STIG Docker Enterprise 2.x Linux/Unix v2r1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
DKER-EE-001070 - FIPS mode must be enabled on all Docker Engine - Enterprise nodes. - docker info .SecurityOptions	DISA STIG Docker Enterprise 2.x Linux/Unix v1r1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections.	DISA Oracle Linux 7 STIG v2r14	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
SLES-12-030170 - The SUSE operating system must implement DoD-approved encryption to protect the confidentiality of SSH remote connections.	DISA SLES 12 STIG v2r13	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception).	DISA STIG Solaris 11 SPARC v2r10	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception).	DISA STIG Solaris 11 X86 v2r10	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
VCSA-70-000077 - The vCenter Server must enable FIPS-validated cryptography.	DISA STIG VMware vSphere 7.0 vCenter v1r3	VMware	IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search