Item Search

NameAudit NamePluginCategory
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.DISA STIG AIX 7.x v2r9Unix

IDENTIFICATION AND AUTHENTICATION

AOSX-14-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple Mac OSX 10.14 v2r6Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple Mac OSX 10.15 v1r10Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r8Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 12 v1r9Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-13-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple macOS 13 v1r4Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP.DISA F5 BIG-IP Access Policy Manager STIG v2r3F5

IDENTIFICATION AND AUTHENTICATION

F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network.DISA F5 BIG-IP Local Traffic Manager STIG v2r3F5

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crlDISA STIG Oracle JRE 8 Unix v1r3Unix

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.lockedDISA STIG Oracle JRE 8 Unix v1r3Unix

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.checkDISA STIG Oracle JRE 8 Unix v1r3Unix

IDENTIFICATION AND AUTHENTICATION

JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.lockedDISA STIG Oracle JRE 8 Unix v1r3Unix

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000150 - Oracle JRE 8 must enable the dialog to enable users to check publisher certificates for revocation - deployment.security.validation.crlDISA STIG Oracle JRE 8 Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000150 - Oracle JRE 8 must enable the dialog to enable users to check publisher certificates for revocation - deployment.security.validation.crl.lockedDISA STIG Oracle JRE 8 Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000160 - Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation - deployment.security.revocation.checkDISA STIG Oracle JRE 8 Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION

JRE8-WN-000160 - Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation - eployment.security.revocation.check.lockedDISA STIG Oracle JRE 8 Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-631010 - RHEL 9, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

SLES-12-030530 - The SUSE operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA SLES 12 STIG v2r13Unix

IDENTIFICATION AND AUTHENTICATION

SYMP-AG-000420 - Symantec ProxySG providing user authentication intermediary services using PKI-based user authentication must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030830 - The Ubuntu operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010425 - The Ubuntu operating system, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.DISA STIG Ubuntu 18.04 LTS v2r15Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-20-010066 - The Ubuntu operating system for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network.DISA STIG Ubuntu 20.04 LTS v2r1Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-22-612035 - Ubuntu 22.04 LTS for PKI-based authentication, must implement a local cache of revocation data in case of the inability to access revocation information via the network.DISA STIG Canonical Ubuntu 22.04 LTS v2r2Unix

IDENTIFICATION AND AUTHENTICATION

VCSA-70-000080 - The vCenter Server must enable revocation checking for certificate-based authentication.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000011 - The Windows 2012 DNS Server must implement a local cache of revocation data for PKIauthentication in the event revocation information via the network is not accessible.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION