Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-000068
CCI
CCI|CCI-000068
Title
Implement cryptographic mechanisms to protect the confidentiality of remote access sessions.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.5.9 Ensure NIST FIPS-validated cryptography is configured - etc
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - grub
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - proc
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpm
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.1350 - The system must implement NIST FIPS-validated cryptography - fips
Unix
Tenable Fedora Linux Best Practices v2.0.0
3.061 - Unencrypted remote access is permitted to system services.
Windows
DISA Windows Vista STIG v6r41
3.061 - Unencrypted remote access is permitted to system services.
Windows
DISA Windows Server 2008 MS STIG v6r46
3.061 - Unencrypted remote access is permitted to system services.
Windows
DISA Windows Server 2008 DC STIG v6r47
3.061 - Unencrypted remote access to system services must not be permitted.
Windows
DISA Windows 7 STIG v1r32
3.061 - Unencrypted remote access will not be permitted to system services.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
3.061 - Unencrypted remote access will not be permitted to system services.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
5.3.16 Ensure only FIPS 140-2 ciphers are used for SSH
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.043 - Remote Desktop Services is not configured with the client connection encryption set to the required level.
Windows
DISA Windows 7 STIG v1r32
5.043 - Remote Desktop Services will be configured with the client connection encryption set to the required level.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
5.043 - Remote Desktop Services will be configured with the client connection encryption set to the required level.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
5.043 - Terminal Services is not configured with the client connection encryption set to the required level.
Windows
DISA Windows Vista STIG v6r41
5.043 - Terminal Services is not configured with the client connection encryption set to the required level.
Windows
DISA Windows Server 2008 MS STIG v6r46
5.043 - Terminal Services is not configured with the client connection encryption set to the required level.
Windows
DISA Windows Server 2008 DC STIG v6r47
AIOS-11-012800 - If an unmanaged third-party VPN client is installed on the iOS device, it must not be configured with a DoD VPN profile.
MDM
MobileIron - DISA Apple iOS 11 v1r4
AIOS-11-012800 - If an unmanaged third-party VPN client is installed on the iOS device, it must not be configured with a DoD VPN profile.
MDM
AirWatch - DISA Apple iOS 11 v1r4
AIOS-12-000800 - If a third-party VPN client is installed on the iOS/iPadOS device, it must not be configured with a DoD VPN profile.
MDM
AirWatch - DISA Apple iOS 12 v1r2
AIOS-12-000800 - If an unmanaged third-party VPN client is installed on the iOS device, it must not be configured with a DoD network (work) VPN profile.
MDM
MobileIron - DISA Apple iOS 12 v1r2
AIOS-12-001000 - Apple iOS must be configured to enforce an application installation policy by specifying an authorized application repo.
MDM
AirWatch - DISA Apple iOS 12 v1r2
AIOS-12-001000 - Apple iOS must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: Apple App Store].
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-001000 - Apple iOS must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: Apple App Store].
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-001000 - Apple iOS must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: Apple App Store].
MDM
MobileIron - DISA Apple iOS 12 v1r2
AIOS-12-001300 - Apple iOS must not include applications with the following characteristics: Siri when the device is locked.
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-001300 - Apple iOS must not include applications with the following characteristics: Siri when the device is locked.
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-001300 - Apple iOS must not include applications with the following characteristics: Siri when the device is locked.
MDM
MobileIron - DISA Apple iOS 12 v1r2
AIOS-12-001300 - Apple iOS must not include applications with the following characteristics: Siri when the device is locked.
MDM
AirWatch - DISA Apple iOS 12 v1r2
AIOS-13-000800 - If a third-party VPN client is installed on the iOS/iPadOS device, it must not be configured with a DoD VPN profile.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v1r1
AIOS-13-000800 - If a third-party VPN client is installed on the iOS/iPadOS device, it must not be configured with a DoD VPN profile.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v1r1
AIOS-13-001000 - Apple iOS must be configured to enforce an application installation policy by specifying an authorized application repo.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v1r1
AIOS-13-001000 - Apple iOS must be configured to enforce an application installation policy by specifying an authorized application repo.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v1r1
AIOS-13-001000 - Apple iOS/iPadOS must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: Apple App Store].
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001000 - Apple iOS/iPadOS must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: Apple App Store].
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001300 - Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001300 - Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-001300 - Apple iOS/iPadOS must not include applications with the following: access to Siri when the device is locked.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v1r1
AIOS-13-001300 - Apple iOS/iPadOS must not include applications with the following: access to Siri when the device is locked.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v1r1
AIOS-14-001000 - Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r2
AIOS-14-001000 - Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r2
AIOS-14-001000 - Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-001000 - Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIX7-00-002104 - The AIX SSH server must use SSH Protocol 2.
Unix
DISA STIG AIX 7.x v2r6
AIX7-00-002104 - The AIX SSH server must use SSH Protocol 2.
Unix
DISA STIG AIX 7.x v2r8
AIX7-00-002104 - The AIX SSH server must use SSH Protocol 2.
Unix
DISA STIG AIX 7.x v2r5
AIX7-00-002104 - The AIX SSH server must use SSH Protocol 2.
Unix
DISA STIG AIX 7.x v2r9
AIX7-00-002104 - The AIX SSH server must use SSH Protocol 2.
Unix
DISA STIG AIX 7.x v2r1
AIX7-00-002104 - The AIX SSH server must use SSH Protocol 2.
Unix
DISA STIG AIX 7.x v2r3