| 20.54 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.54 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission. | EnterpriseDB PostgreSQL Advanced Server OS Linux v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception. | EnterpriseDB PostgreSQL Advanced Server DB v1r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-009000 - MariaDB must maintain the confidentiality and integrity of information during reception. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD4X-00-006000 - MongoDB must maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000010 - OHS must have the SSLCipherSuite directive enabled to encrypt remote connections in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000013 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000013 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000013 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000014 - OHS must have the SSLCipherSuite directive enabled to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000014 - OHS must have the SSLCipherSuite directive enabled to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000246 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to perform RFC 5280-compliant certification path validation - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000246 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to perform RFC 5280-compliant certification path validation - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000246 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to perform RFC 5280-compliant certification path validation - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000246 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to perform RFC 5280-compliant certification path validation - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000246 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to perform RFC 5280-compliant certification path validation - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000247 - OHS must have the SSLCipherSuite directive enabled to perform RFC 5280-compliant certification path validation. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000260 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000296 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting data that must be compartmentalized - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000297 - OHS must have the SSLCipherSuite directive enabled to implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting data that must be compartmentalized. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000300 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000301 - OHS must have the SSLCipherSuite directive enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs). | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000310 - OHS must have the SSLEngine, SSLProtocol, SSLWallet directives enabled and configured to prevent unauthorized disclosure of information during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000310 - OHS must have the SSLEngine, SSLProtocol, SSLWallet directives enabled and configured to prevent unauthorized disclosure of information during transmission - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000326 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during preparation for transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000327 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000327 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001620 - The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001620 - The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
