| 1.6 Support Web Access Security - a) ciphersuite | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - b) Disable encryption 3des-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - d) Disable encryption aes192-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.220 - User and group account administration utilities must be configured to store only encrypted representations of passwords. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.28 Ensure ldap_tls_reqcert is set for LDAP | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.11.4 Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.11.4 Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future' | CIS Windows 7 Workstation Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.10 Yosemite L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 Set 'Configure dial plan security' to 'Secured' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.25.9 Ensure 'Encryption Type for Password Protected Office 97-2003 files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 - LDAP Server SSL should be enabled | TNS Oracle WebLogic Server 10 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 - LDAP Server SSL should be enabled | TNS Oracle WebLogic Server 10 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.9 - FIPS Compliant cryptographic Module should be used - JAVA_PROPERTIES | TNS Oracle WebLogic Server 10 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 Set 'Enable S/MIME for OWA 2010' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Set Security TLS Version Maximum | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Oracle Linux 7 Server L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.22 Ensure only FIPS 140-2 ciphers are used for SSH | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.04 OAS - 'FIPS Compliance - sslfips_140 = TRUE' | CIS v1.1.0 Oracle 11g OS L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.05 OAS - 'FIPS Compliance - sslfips_140 = TRUE' | CIS Oracle 9 10 Windows Level2 v2.01 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.06 OAS Encryption Method (FIPS 140) - 'SQLNET.ENCRYPTION_TYPES_SERVER=(DES|DES40)' | CIS Oracle 9/10 OS Audit L2 v2.01 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.14 OAS - 'SSL Cipher Suite - Set SSL Cipher Suite. ssl_cipher_suites = SSL_RSA_WITH_3DES_EDE_CBC_SHA' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure NULL Cipher Suites is disabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.8 Ensure DES Cipher Suites is disabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.9 Ensure RC2 Cipher Suites is disabled - RC2 40/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW' | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT' | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure RC4 Cipher Suites is disabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10 - Enable SSL Connector | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 14 - SSL Encryption - WSDL Secure Port | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 16 - ORB Subsystem - Security-Domain Set | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.55 Ensure 'Separate NSA-approved (Type 1) cryptography is used' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 28 - Ensure scheme is set accurately | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Access Security - Enable required secure access services - J-Web over HTTPS | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Access Security - Enable required secure access services - ssh | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Brocade - Enable HTTPS IPv6 | Tenable Best Practices Brocade FabricOS | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
| Brocade - Enable SFTP IPv4 | Tenable Best Practices Brocade FabricOS | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
| Brocade : 'Enable SSH IPv4' | TNS Brocade FabricOS Best Practices | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - SSL - Settings - TLS v1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Connections - ssl_key_file | TNS PostgreSQL 9.6 Best Practices Unix OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO187 - Rights managed Office Open XML files must be protected. | DISA STIG Office System 2010 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable IKE Version 1/2 - cipher-suite | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encrypt Communication - config - 'net.ssl.mode = requireSSL' | TNS MongoDB 2.6 Best Practices Windows OS Audit v1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encrypt Communication - config - 'sslOnNormalPorts = true' | TNS MongoDB 2.4 Best Practices Windows OS Audit v1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| PCI 3.4.1.a If disk encryption is used, verify that logical access is not allowed using local user account databases | PCI v2.0/v3.0 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Turn off encryption support | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
