CCI|CCI-001159

Title

Issue public key certificates under an organization-defined certificate policy or obtain public key certificates from an approved service provider.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
ARST-ND-000840 - The Arista network device must obtain its public key certificates from an appropriate certificate policy through an approved service provider.AristaDISA STIG Arista MLS EOS 4.2x NDM v2r1
CASA-ND-001370 - The Cisco ASA must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco ASA NDM v2r2
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco IOS Router NDM v3r2
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco IOS XE Router NDM v3r2
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco IOS-XR Router NDM v3r2
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco IOS Switch NDM v3r2
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco IOS XE Switch NDM v3r2
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco NX-OS Switch NDM v3r2
F5BI-DM-000283 - The BIG-IP appliance must be configured to obtain its public key certificates from an appropriate certificate policy through a DoD-approved service provider.F5DISA F5 BIG-IP Device Management STIG v2r3
FGFW-ND-000195 - The FortiGate device must use DoD-approved Certificate Authorities (CAs) for public key certificates.FortiGateDISA Fortigate Firewall NDM STIG v1r4
JUEX-NM-000660 - The Juniper EX switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.JuniperDISA Juniper EX Series Network Device Management v2r2
JUNI-ND-001430 - The Juniper router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.JuniperDISA STIG Juniper Router NDM v3r1
JUSX-DM-000105 - The Juniper SRX Services Gateway must use DOD-approved PKI rather than proprietary or self-signed device certificates.JuniperDISA Juniper SRX Services Gateway NDM v3r2
PANW-NM-000141 - The Palo Alto Networks security platform must use DoD-approved PKI rather than proprietary or self-signed device certificates.Palo_AltoDISA STIG Palo Alto NDM v3r2
SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider.BlueCoatDISA Symantec ProxySG Benchmark NDM v1r2
SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider. - attribute keyringBlueCoatDISA Symantec ProxySG Benchmark NDM v1r2