Item Search

NameAudit NamePluginCategory
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption.DISA Windows Server 2008 R2 DC STIG v1r34Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption.DISA Windows 7 STIG v1r32Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption.DISA Windows Server 2008 R2 MS STIG v1r33Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ipv6 OSPF checksDISA STIG Arista MLS DCS-7000 Series RTR v1r3Arista
AMLS-L3-000320 - Arista MLS must not enable the RIP routing protocol.DISA STIG Arista MLS DCS-7000 Series RTR V1R2Arista

CONFIGURATION MANAGEMENT

AMLS-NM-200825 - Arista MLS must use FIPS-compliant mechanisms for authentication to a cryptographic module - entropy sourceDISA STIG Arista MLS DCS-7000 Series NDM V1R2Arista

SYSTEM AND COMMUNICATIONS PROTECTION

AMLS-NM-200825 - Arista MLS must use FIPS-compliant mechanisms for authentication to a cryptographic module - SSH FIPSDISA STIG Arista MLS DCS-7000 Series NDM V1R2Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-ND-000470 - The Arista network device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module.DISA STIG Arista MLS EOS 4.2x NDM v2r1Arista

IDENTIFICATION AND AUTHENTICATION

CASA-VN-000230 - The Cisco ASA must be configured to use FIPS-validated SHA-2 at 384 bits or higher for Internet Key Exchange (IKE) Phase 1 - IKE Phase 1.DISA STIG Cisco ASA VPN v2r1Cisco

IDENTIFICATION AND AUTHENTICATION

CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

CISC-L2-000030 - The Cisco switch must authenticate all VLAN Trunk Protocol (VTP) messages with a hash function using the most secured cryptographic algorithm available.DISA STIG Cisco NX-OS Switch L2S v2r1Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000040 - The Cisco router must be configured to use encryption for routing protocol authentication - OSPFDISA STIG Cisco IOS Router RTR v1r4Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - bgpDISA STIG Cisco NX-OS Switch RTR v1r1Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - is-isDISA STIG Cisco NX-OS Switch RTR v1r1Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - ospfDISA STIG Cisco NX-OS Switch RTR v1r1Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000050 - The Cisco switch must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm.DISA STIG Cisco NX-OS Switch RTR v1r1Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-RT-000050 - The Cisco switch must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm.DISA STIG Cisco IOS Switch RTR v1r1Cisco

IDENTIFICATION AND AUTHENTICATION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - ALGORITHMDISA STIG IBM DB2 v10.5 LUW v1r4 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - DB2COMMDISA STIG IBM DB2 v10.5 LUW v1r4 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - DB2COMMDISA STIG IBM DB2 v10.5 LUW v1r4 OS WindowsWindows

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - SSL_CIPHERSPECSDISA STIG IBM DB2 v10.5 LUW v1r4 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - SSL_SVC_LABELDISA STIG IBM DB2 v10.5 LUW v1r4 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. - DB2COMMDISA STIG IBM DB2 v10.5 LUW v1r3 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

FGFW-ND-000255 - The FortiGate device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module.DISA Fortigate Firewall NDM STIG v1r4FortiGate

IDENTIFICATION AND AUTHENTICATION

JUEX-L2-000030 - The Juniper layer 2 switch must be configured to disable all dynamic VLAN registration protocols.DISA Juniper EX Series Layer 2 Switch v2r1Juniper

IDENTIFICATION AND AUTHENTICATION

JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2 approved algorithms for authentication to a cryptographic module.DISA Juniper EX Series Network Device Management v2r1Juniper

IDENTIFICATION AND AUTHENTICATION

JUEX-RT-000300 - The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm.DISA Juniper EX Series Router v2r1Juniper

IDENTIFICATION AND AUTHENTICATION

JUNI-RT-000040 - The Juniper router must be configured to use encryption for routing protocol authentication - IS-ISDISA STIG Juniper Router RTR v1r4Juniper

IDENTIFICATION AND AUTHENTICATION

MYS8-00-006200 - The MySQL Database Server 8.0 must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA Oracle MySQL 8.0 v2r1 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

OL08-00-010159 - The OL 8 'pam_unix.so' module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.DISA Oracle Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

OL08-00-010160 - The OL 8 'pam_unix.so' module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.DISA Oracle Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

OL08-00-010161 - OL 8 must prevent system daemons from using Kerberos for authentication.DISA Oracle Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

OL08-00-010163 - The krb5-server package must not be installed on OL 8.DISA Oracle Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PHTN-40-000059 The Photon operating system must use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - opensslEDB PostgreSQL Advanced Server OS Linux Audit v1r7Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - RHELEDB PostgreSQL Advanced Server OS Linux Audit v1r7Unix

CONFIGURATION MANAGEMENT

PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL.EDB PostgreSQL Advanced Server OS Linux Audit v1r7Unix

CONFIGURATION MANAGEMENT

RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

IDENTIFICATION AND AUTHENTICATION

SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).DISA SLES 15 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

SP13-00-000085 - SharePoint must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.DISA STIG SharePoint 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SP13-00-000145 - SharePoint must use mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.DISA STIG SharePoint 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SPLK-CL-000430 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms.DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OSUnix

IDENTIFICATION AND AUTHENTICATION

SYMP-NM-000280 - Symantec ProxySG must be configured to use only FIPS 140-2 approved algorithms for authentication to a cryptographic module with any application or protocol.DISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

IDENTIFICATION AND AUTHENTICATION

UBTU-22-611070 - Ubuntu 22.04 LTS must encrypt all stored passwords with a FIPS 140-3-approved cryptographic hashing algorithm.DISA STIG Canonical Ubuntu 22.04 LTS v2r2Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-70-000056 - VAMI must enable FIPS mode.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

IDENTIFICATION AND AUTHENTICATION

WN11-CC-000052 - Windows 11 must be configured to prioritize ECC Curves with longer key lengths first.DISA Windows 11 STIG v2r1Windows

IDENTIFICATION AND AUTHENTICATION

WN11-SO-000190 - Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.DISA Windows 11 STIG v2r1Windows

IDENTIFICATION AND AUTHENTICATION

WN22-SO-000290 - Windows Server 2022 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.DISA Windows Server 2022 STIG v2r1Windows

IDENTIFICATION AND AUTHENTICATION