Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001991
CCI
CCI|CCI-001991
Title
The information system, for PKI-based authentication, implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.
Unix
DISA STIG AIX 7.x v2r1
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.
Unix
DISA STIG AIX 7.x v2r3
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.
Unix
DISA STIG AIX 7.x v2r5
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.
Unix
DISA STIG AIX 7.x v2r8
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.
Unix
DISA STIG AIX 7.x v2r6
AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys.
Unix
DISA STIG AIX 7.x v2r9
APPL-14-001060 - The macOS system must set smart card certificate trust to moderate.
Unix
DISA Apple macOS 14 (Sonoma) STIG v1r2
Big Sur - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Catalina - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v1r1
F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP.
F5
DISA F5 BIG-IP Access Policy Manager STIG v2r3
F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network.
F5
DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3
F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network.
F5
DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r2
F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network.
F5
DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000203 - The BIG-IP Core implementation must be configured to deny-by-default all PKI-based authentication to virtual servers supporting path discovery and validation if unable to access revocation information via the network.
F5
DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl
Unix
DISA STIG Oracle JRE 8 Unix v1r3
JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl
Unix
DISA STIG Oracle JRE 8 Unix v1r2
JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.locked
Unix
DISA STIG Oracle JRE 8 Unix v1r2
JRE8-UX-000150 - Oracle JRE 8 must enable the dialog to enable users to check for revocation - deployment.security.validation.crl.locked
Unix
DISA STIG Oracle JRE 8 Unix v1r3
JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check
Unix
DISA STIG Oracle JRE 8 Unix v1r2
JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check
Unix
DISA STIG Oracle JRE 8 Unix v1r3
JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.locked
Unix
DISA STIG Oracle JRE 8 Unix v1r2
JRE8-UX-000160 - Oracle JRE 8 must lock the option to enable users to check for revocation - deployment.security.revocation.check.locked
Unix
DISA STIG Oracle JRE 8 Unix v1r3
JRE8-WN-000150 - JRE 8 must enable the dialog to check publisher certs for revocation - deployment.security.validation.crl.locked
Windows
DISA STIG Oracle JRE 8 Windows v1r5
JRE8-WN-000150 - JRE 8 must enable the dialog to enable users to check publisher certs for revocation - deployment.security.validation.crl
Windows
DISA STIG Oracle JRE 8 Windows v1r5
JRE8-WN-000150 - Oracle JRE 8 must enable the dialog to enable users to check publisher certificates for revocation - deployment.security.validation.crl
Windows
DISA STIG Oracle JRE 8 Windows v2r1
JRE8-WN-000150 - Oracle JRE 8 must enable the dialog to enable users to check publisher certificates for revocation - deployment.security.validation.crl.locked
Windows
DISA STIG Oracle JRE 8 Windows v2r1
JRE8-WN-000160 - JRE 8 must lock the option to check publisher certs for revocation - eployment.security.revocation.check.locked
Windows
DISA STIG Oracle JRE 8 Windows v1r5
JRE8-WN-000160 - JRE 8 must lock the option to enable users to check publisher certs for revocation - deployment.security.revocation.check
Windows
DISA STIG Oracle JRE 8 Windows v1r5
JRE8-WN-000160 - Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation - deployment.security.revocation.check
Windows
DISA STIG Oracle JRE 8 Windows v2r1
JRE8-WN-000160 - Oracle JRE 8 must lock the option to enable users to check publisher certificates for revocation - eployment.security.revocation.check.locked
Windows
DISA STIG Oracle JRE 8 Windows v2r1
Monterey - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Set Smartcard Certificate Trust to Moderate
Unix
NIST macOS Monterey v1.0.0 - All Profiles
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r7
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r4
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r6
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor - which includes status information to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r8
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r10
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r2
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r9
OL08-00-010090 - OL 8, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
Unix
DISA Oracle Linux 8 STIG v1r1