| AADC-CL-000955 - Adobe Acrobat Pro DC Classic FIPS mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ADBP-XI-000955 - Adobe Acrobat Pro XI FIPS mode must be enabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARDC-CL-000345 - Adobe Reader DC must enable FIPS mode. | DISA STIG Adobe Acrobat Reader DC Classic Track v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001120 - A BIND 9.x server must implement NIST FIPS-validated cryptography for provisioning digital signatures and generating cryptographic hashes - zones | DISA BIND 9.x STIG v1r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes - IKE Phase 1 | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes - IPsec SA | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000200 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to implement IPsec encryption services. | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - crypto map | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - encryption | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - group | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - integrity | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - prf | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - crypto map | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - encryption | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - group | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - integrity | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - ipsec-proposal | DISA STIG Cisco ASA VPN v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-008600 - DB2 must use NSA-approved cryptography to protect classified information in accordance with the data owners requirements - SSL_CIPHERSPECS | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. - openssl_conf | EDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-67-100010 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000274 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 validated ciphers. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000291 - The BIG-IP Core implementation must be configured to implement NIST FIPS-validated cryptography to generate cryptographic hashes when providing encryption traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-LT-000293 - The BIG-IP Core implementation must be configured to implement NIST FIPS-validated cryptography for digital signatures when providing encrypted traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-008400 - MariaDB must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA MariaDB Enterprise 10.x v2r1 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012200 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | DISA MariaDB Enterprise 10.x v2r1 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA MariaDB Enterprise 10.x v2r1 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-011600 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | DISA Oracle MySQL 8.0 v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000240 - The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, generate cryptographic hashes, and protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-012700 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-012800 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-012900 - The EDB Postgres Advanced Server must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the requirements of the data owner. | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-010510 - FIPS 140-2 mode must be enabled on the SUSE operating system. | DISA SLES 15 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000090 - SharePoint must employ FIPS-validated cryptography to protect unclassified information. | DISA STIG SharePoint 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SP13-00-000095 - SharePoint must employ NSA-approved cryptography to protect classified information. | DISA STIG SharePoint 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-019500 - SQL Server must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-019601 - SQL Server databases in the unclassified environment, containing sensitive information, must be encrypted using approved cryptography. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-019800 - SQL Server must employ NSA-approved cryptography to protect classified information. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-671010 - Ubuntu 22.04 LTS must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Canonical Ubuntu 22.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001370 - The WebSphere Application Server must use DoD-approved Signer Certificates. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001370 - The WebSphere Application Server must use DoD-approved Signer Certificates. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000001 - The salt value for zones signed using NSEC3 RRs must be changed every time the zone is completely re-signed. | DISA Microsoft Windows 2012 Server DNS STIG v1r14 | Windows | CONFIGURATION MANAGEMENT |
| WDNS-SC-000031 - The Windows 2012 DNS Server must implement NIST FIPS-validated cryptography for provisioning digital signatures, generating cryptographic hashes, and protecting unclassified information requiring confidentiality. | DISA Microsoft Windows 2012 Server DNS STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN08-SO-000074 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 8/8.1 STIG v1r23 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 10 STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 11 STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-DC-000140 - Windows Server 2022 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2022 STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000360 - Windows Server 2022 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2022 STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
