AOSX-11-000605 - The system must implement crypto to protect the integrity and confidentiality of data during transmission of remote access. | DISA STIG Apple Mac OSX 10.11 v1r6 | Unix | CONFIGURATION MANAGEMENT |
AOSX-12-000605 - The OS X system must not use telnet. | DISA STIG Apple Mac OSX 10.12 v1r6 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms. | DISA STIG Apple Mac OSX 10.13 v2r3 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000605 - The macOS system must not use telnet. | DISA STIG Apple Mac OSX 10.13 v2r1 | Unix | CONFIGURATION MANAGEMENT |
AOSX-13-000605 - The macOS system must not use telnet. | DISA STIG Apple Mac OSX 10.13 v2r3 | Unix | CONFIGURATION MANAGEMENT |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.14 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.14 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.14 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - PasswordAuthentication | DISA STIG Apple Mac OSX 10.14 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - PasswordAuthentication | DISA STIG Apple Mac OSX 10.14 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - PasswordAuthentication | DISA STIG Apple Mac OSX 10.14 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.15 v1r8 | Unix | |
AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - enforceSmartCard | DISA STIG Apple Mac OSX 10.15 v1r8 | Unix | |
AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - PasswordAuthentication | DISA STIG Apple Mac OSX 10.15 v1r8 | Unix | |
APPL-13-000056 - The macOS system must implement approved Key Exchange Algorithms within the SSH server configuration. | DISA STIG Apple macOS 13 v1r3 | Unix | |
APPL-13-000057 - The macOS system must implement approved ciphers within the SSH client configuration to protect the confidentiality of SSH connections. | DISA STIG Apple macOS 13 v1r2 | Unix | |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r13 | Unix | |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r11 | Unix | |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r7 | Unix | |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r9 | Unix | |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r12 | Unix | |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL08-00-010020 - OL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards | DISA Oracle Linux 8 STIG v1r7 | Unix | |
OL08-00-010020 - OL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - fips-mode-setup | DISA Oracle Linux 8 STIG v1r4 | Unix | |
PHTN-30-000026 - The Photon operating system must use an OpenSSH server version that does not support protocol 1. | DISA STIG VMware vSphere 7.0 Photon OS v1r2 | Unix | |
PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions. | DISA STIG VMware vSphere 6.7 Photon OS v1r1 | Unix | |
PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions. | DISA STIG VMware vSphere 6.7 Photon OS v1r5 | Unix | |
PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions. | DISA STIG VMware vSphere 6.7 Photon OS v1r3 | Unix | |
RHEL-09-671010 - RHEL 9 must enable FIPS mode. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-12-030180 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SLES 12 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-12-030180 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SLES 12 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-12-030180 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, MAINTENANCE |
SLES-15-010270 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SLES 15 STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010270 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SLES 15 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010270 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SLES 15 STIG v1r13 | Unix | ACCESS CONTROL, MAINTENANCE |
SOL-11.1-050180 - The operating system must employ strong identification and authentication techniques in the establishment of non-local maintenance and diagnostic sessions - service | DISA STIG Solaris 11 SPARC v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) | DISA STIG Solaris 11 X86 v2r8 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) | DISA STIG Solaris 11 SPARC v2r8 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - filters | DISA STIG Solaris 11 X86 v2r7 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - filters | DISA STIG Solaris 11 SPARC v2r7 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - firewall/pflog | DISA STIG Solaris 11 SPARC v2r7 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - service | DISA STIG Solaris 11 SPARC v2r7 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - service | DISA STIG Solaris 11 X86 v2r7 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 X86 v2r9 | Unix | |
SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 SPARC v2r9 | Unix | |
WN16-CC-000500 - The Windows Remote Management (WinRM) client must not use Basic authentication. | DISA Windows Server 2016 STIG v2r3 | Windows | ACCESS CONTROL |
WN16-CC-000520 - The Windows Remote Management (WinRM) client must not use Digest authentication. | DISA Windows Server 2016 STIG v2r2 | Windows | ACCESS CONTROL |
WN19-CC-000470 - Windows Server 2019 Windows Remote Management (WinRM) client must not use Basic authentication. | DISA Windows Server 2019 STIG v2r3 | Windows | ACCESS CONTROL |
WN19-CC-000490 - Windows Server 2019 Windows Remote Management (WinRM) client must not use Digest authentication. | DISA Windows Server 2019 STIG v2r2 | Windows | ACCESS CONTROL |