1.7.14 TLS Cipher Suite Ordering | CIS IIS 8.0 v1.4.0 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.8 Set 'External send connector authentication: Ignore Start TLS' to 'False' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.12 Set 'External send connector authentication: Domain Security' to 'True' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon --tlscert | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6 Configure TLS authentication for Docker daemon -tlsverify | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.10 Yosemite L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.10 Set 'Configure startup mode' to 'TLS' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.5 Ensure 'Protect Document Metadata for Rights Managed Office Open XML Files' is set to Enabled | CIS Microsoft Office 2013 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.6 Ensure 'Protect Document Metadata for Password Protected Files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
2.25.10 Ensure 'Disable Password to Open UI' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
3.3.1 dnssec-keygen Algorithms 'HMAC-SHA256' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.3.1 dnssec-keygen Algorithms 'IN KEY' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.21 - FIPS Compliant cryptographic Module should be used - PRE_CLASSPATH | TNS Oracle WebLogic Server 11 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
4.1 Use TSIG Keys 256 Bits in Length | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.11 Ensure only approved ciphers are used | CIS SUSE Linux Enterprise Workstation 11 L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2.11 Ensure only approved MAC algorithms are used | CIS Ubuntu Linux 14.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.3.4 Ensure password hashing algorithm is SHA-512 | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6 - Encryption | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.4 Ensure secure is set to true only for SSL-enabled Connectors (verify secure is set to true) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.1 Ensure HSTS Header is set | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure SSLv3 is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.9 Ensure RC2 Cipher Suites is disabled - RC2 56/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW' | CIS Solaris 10 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT' | CIS Solaris 10 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.10 Ensure RC4 Cipher Suites is disabled - RC4 56/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.10 Ensure RC4 Cipher Suites is disabled - RC4 128/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.12 Ensure AES 128/128 Cipher Suite is configured | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.13 Ensure AES 256/256 Cipher Suite is enabled - Enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
7.13 Ensure AES 256/256 Cipher Suite is enabled - Enabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
9.3.11 Use Only Approved Cipher in Counter Mode | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
9.3.11 Use Only Approved Cipher in Counter Mode | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
29 - Ensure secure is set to true only for SSL-enabled Connectors | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Brocade : 'Enable HTTPS' | TNS Brocade FabricOS Best Practices | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
Brocade : 'Enable SFTP IPv4' | TNS Brocade FabricOS Best Practices | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
Brocade : 'Ensure a SSL certificate file is established' | TNS Brocade FabricOS Best Practices | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'sslCAFile' | TNS MongoDB 2.4 Best Practices Linux OS Audit v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Encrypt Communication - config - 'sslPEMKeyFile' | TNS MongoDB 2.4 Best Practices Linux OS Audit v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Encryption Oracle Remediation | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Encryption type for password protected Office Open XML files | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
HTTP vs. HTTPS - ssl | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
Huawei: Enable SSH | TNS Huawei VRP Best Practice Audit | Huawei | SYSTEM AND COMMUNICATIONS PROTECTION |
Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - ISIS | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - RIP | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
TEM Client Encryption - '_BESClient_Report_Encryption value = required' | TNS IBM Tivoli Enterprise Client Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Turn off encryption support | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |