800-53|SI-7(6)

Title

CRYPTOGRAPHIC PROTECTION

Description

The information system implements cryptographic mechanisms to detect unauthorized changes to software, firmware, and information.

Supplemental

Cryptographic mechanisms used for the protection of integrity include, for example, digital signatures and the computation and application of signed hashes using asymmetric cryptography, protecting the confidentiality of the key used to generate the hash, and using the public key to verify the hash information.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: SC-13

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.1.2.1.17 Set 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies' to 'Enabled'	Windows	CIS Windows 2003 MS v3.1.0
1.1.1.2.1.17 Set 'System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies' to 'Enabled'	Windows	CIS Windows 2003 DC v3.1.0
1.1.3.17.9 Set 'User Account Control: Only elevate executables that are signed and validated' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
1.1.11 - /etc/security/login.cfg - 'pwd_algorithm = ssha256 (AIX 5.3 TL7+ only)'	Unix	CIS AIX 5.3/6.1 L2 v1.1.0
1.2.1 Ensure GPG keys are configured	Unix	CIS Oracle Linux 8 Server L1 v1.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS Oracle Linux 7 Workstation L1 v3.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS Oracle Linux 8 Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS CentOS Linux 8 Server L1 v1.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS CentOS Linux 8 Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS SUSE Linux Enterprise 15 Server L1 v1.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS Red Hat EL7 Workstation L1 v3.0.1
1.2.1 Ensure GPG keys are configured	Unix	CIS Oracle Linux 7 Server L1 v3.0.0
1.2.1 Ensure GPG keys are configured	Unix	CIS Red Hat EL7 Server L1 v3.0.1
1.2.2 Ensure GPG keys are configured	Unix	CIS Amazon Linux v2.1.0 L1
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1
1.2.2 Ensure GPG keys are configured	Unix	CIS Oracle Linux 6 Workstation L1 v1.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 16.04 LTS Workstation L1 v1.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Debian 8 Server L1 v2.0.1
1.2.2 Ensure GPG keys are configured	Unix	CIS CentOS 6 Workstation L1 v2.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Debian 8 Workstation L1 v2.0.1
1.2.2 Ensure GPG keys are configured	Unix	CIS CentOS 6 Server L1 v2.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Amazon Linux 2 v1.0.0 L1
1.2.2 Ensure GPG keys are configured	Unix	CIS SUSE Linux Enterprise Server 12 L1 v2.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Oracle Linux 6 Server L1 v1.1.0
1.2.2 Ensure GPG keys are configured	Unix	CIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0
1.2.2 Ensure gpgcheck is globally activated	Unix	CIS Red Hat 6 Workstation L1 v2.1.0
1.2.2 Ensure gpgcheck is globally activated	Unix	CIS CentOS Linux 8 Server L1 v1.0.0
1.2.2 Ensure gpgcheck is globally activated	Unix	CIS CentOS Linux 8 Workstation L1 v1.0.0
1.2.2 Ensure gpgcheck is globally activated	Unix	CIS Oracle Linux 8 Server L1 v1.0.0
1.2.2 Ensure gpgcheck is globally activated	Unix	CIS Red Hat 6 Server L1 v2.1.0
1.2.2 Ensure gpgcheck is globally activated	Unix	CIS Oracle Linux 8 Workstation L1 v1.0.0
1.2.2 Verify Red Hat GPG Key is Installed	Unix	CIS Red Hat Enterprise Linux 5 L1 v2.2
1.2.3 Ensure GPG keys are configured	Unix	CIS Red Hat 6 Workstation L1 v2.1.0
1.2.3 Ensure GPG keys are configured	Unix	CIS Red Hat EL8 Workstation L1 v1.0.0
1.2.3 Ensure GPG keys are configured	Unix	CIS Red Hat EL8 Server L1 v1.0.0
1.2.3 Ensure GPG keys are configured	Unix	CIS Red Hat 6 Server L1 v2.1.0
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS CentOS 6 Workstation L1 v2.1.0
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS Amazon Linux 2 v1.0.0 L1
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS Amazon Linux v2.1.0 L1
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS Oracle Linux 7 Workstation L1 v3.0.0
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS Red Hat EL7 Workstation L1 v3.0.1
1.2.3 Ensure gpgcheck is globally activated	Unix	CIS CentOS 6 Server L1 v2.1.0

Detections

Analytics