Item Search

NameAudit NamePluginCategory
APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption.DISA STIG for Microsoft Dot Net Framework 4.0 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption.DISA STIG for Microsoft Dot Net Framework 4.0 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2 - IKE Phase 2DISA STIG Cisco ASA VPN v2r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2 - proposalDISA STIG Cisco ASA VPN v2r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001400 - The Kubernetes API server must use approved cipher suites.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001410 - Kubernetes API Server must have the SSL Certificate Authority set.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001420 - Kubernetes Kubelet must have the SSL Certificate Authority set.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001430 - Kubernetes Controller Manager must have the SSL Certificate Authority set.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001440 - Kubernetes API Server must have a certificate for communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001450 - Kubernetes etcd must enable client authentication to secure service.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001460 - Kubernetes Kubelet must enable tlsPrivateKeyFile for client authentication to secure service.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001470 - Kubernetes Kubelet must enable tlsCertFile for client authentication to secure service.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001480 - Kubernetes etcd must enable client authentication to secure service.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001490 - Kubernetes etcd must have a key file for secure communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001500 - Kubernetes etcd must have a certificate for communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001510 - Kubernetes etcd must have the SSL Certificate Authority set.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001520 - Kubernetes etcd must have a certificate for communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001530 - Kubernetes etcd must have a key file for secure communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001540 - Kubernetes etcd must have peer-cert-file set for secure communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001550 - Kubernetes etcd must have a peer-key-file set for secure communication.DISA STIG Kubernetes v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI046-IE11 - Logon options must be configured to prompt (Internet zone).DISA STIG IE 11 v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI136-IE11 - Logon options must be configured and enforced (Restricted Sites zone).DISA STIG IE 11 v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO421 - Session Initiation Protocol (SIP) security mode must be configured.DISA STIG Microsoft Skype for Business 2016 v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO421 - Session Initiation Protocol (SIP) security mode must be configured.DISA STIG Microsoft Lync 2013 v1r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO422 - In the event a secure Session Initiation Protocol (SIP) connection fails, the connection must be restricted from resorting to the unencrypted HTTP.DISA STIG Microsoft Lync 2013 v1r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO422 - In the event a secure SIP connection fails, the connection must be restricted from resorting to the unencrypted HTTP.DISA STIG Microsoft Skype for Business 2016 v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-EG-000090 - Exchange Internet-facing Receive connectors must offer Transport Layer Security (TLS) before using basic authentication.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000110 - Exchange internal Receive connectors must require encryption.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000115 - Exchange internal Receive connectors must use Domain Security (mutual authentication Transport Layer Security) - mutual authentication Transport Layer Security.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000120 - Exchange internal Send connectors must require encryption.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-ED-000170 - Exchange internal Send connectors must use domain security (mutual authentication Transport Layer Security)DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-MB-000220 - Exchange internal Receive connectors must require encryption.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000098 Exchange internal send connectors must use domain security (mutual authentication Transport Layer Security).DISA Microsoft Exchange 2019 Edge Server STIG v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-ED-000099 Exchange internet-facing receive connectors must offer Transport Layer Security (TLS) before using basic authentication.DISA Microsoft Exchange 2019 Edge Server STIG v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-MB-000236 The application must protect the confidentiality and integrity of transmitted information.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AP-000234 - The F5 BIG-IP appliance must not use the On-Demand Cert Auth VPE agent as part of the APM Policy Profiles.DISA F5 BIG-IP Access Policy Manager STIG v2r3F5

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AP-000236 - The F5 BIG-IP appliance must be configured to limit authenticated client sessions to initial session source IP.DISA F5 BIG-IP Access Policy Manager STIG v2r3F5

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-LT-000097 - The BIG-IP Core implementation must be configured to protect the authenticity of communications sessions.DISA F5 BIG-IP Local Traffic Manager STIG v2r3F5

SYSTEM AND COMMUNICATIONS PROTECTION

JUSX-VN-000025 - The Juniper SRX Services Gateway VPN must configure Internet Key Exchange (IKE) with SHA1 or greater to protect the authenticity of communications sessions.DISA Juniper SRX Services Gateway VPN v3r1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

O365-LY-000001 - The SIP security mode in Lync must be enabled.DISA STIG Microsoft Office 365 ProPlus v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

O365-LY-000002 - The HTTP fallback for SIP connection in Lync must be disabled.DISA STIG Microsoft Office 365 ProPlus v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000490 - Symantec ProxySG must use Transport Layer Security (TLS) to protect the authenticity of communications sessions.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000800 - Tomcat servers must mutually authenticate proxy or load balancer connections.DISA STIG Apache Tomcat Application Server 9 v3r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000223 - Oracle WebLogic must ensure authentication of both client and server during the entire session.Oracle WebLogic Server 12c Linux v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000223 - Oracle WebLogic must ensure authentication of both client and server during the entire session.Oracle WebLogic Server 12c Windows v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000223 - Oracle WebLogic must ensure authentication of both client and server during the entire session.Oracle WebLogic Server 12c Linux v2r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001410 - The WebSphere Application Server DoD root CAs must be in the trust store.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001410 - The WebSphere Application Server DoD root CAs must be in the trust store.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001410 - The WebSphere Application Server DoD root CAs must be in the trust store.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WDNS-SC-000020 - The Windows 2012 DNS Server must protect the authenticity of dynamic updates via transaction signing.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION