CCI|CCI-002422

Title

Maintain the confidentiality and/or integrity of information during reception.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
5.3.1 Ensure SSH is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.2 Ensure SSH is runningUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-002097 - AIX must protect the confidentiality and integrity of transmitted information during preparation for transmission and maintain the confidentiality and integrity of information during reception and disable all non-encryption network access methods.UnixDISA STIG AIX 7.x v3r1
AOSX-13-000035 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission.UnixDISA STIG Apple Mac OSX 10.13 v2r5
APPL-11-000011 - The macOS system must disable the SSHD service.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-000011 - The macOS system must disable the SSHD service.UnixDISA STIG Apple macOS 11 v1r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions.UnixDISA STIG Apache Server 2.4 Unix Server v3r1
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngineWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information.UnixDISA BIND 9.x STIG v2r3
Catalina - Enable SSH for Remote Access SessionsUnixNIST macOS Catalina v1.5.0 - All Profiles
CD12-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
OH12-1X-000332 - OHS must have the SSLFIPS directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r2
OL07-00-040300 - The Oracle Linux operating system must be configured so that all networked systems have SSH installed.UnixDISA Oracle Linux 7 STIG v3r1
OL08-00-040159 - All OL 8 networked systems must have SSH installed.UnixDISA Oracle Linux 8 STIG v2r2
OL08-00-040160 - All OL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.UnixDISA Oracle Linux 8 STIG v2r2
PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception.PostgreSQLDBDISA STIG PostgreSQL 9.x on RHEL DB v2r5
PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception.UnixDISA STIG PostgreSQL 9.x on RHEL OS v2r5
PHTN-30-000026 - The Photon operating system must use an OpenSSH server version that does not support protocol 1.UnixDISA STIG VMware vSphere 7.0 Photon OS v1r3
PHTN-40-000013 The Photon operating system must have the OpenSSL FIPS provider installed to protect the confidentiality of remote access sessions.UnixDISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1
PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
RHEL-07-040300 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed.UnixDISA Red Hat Enterprise Linux 7 STIG v3r15
RHEL-07-040310 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission.UnixDISA Red Hat Enterprise Linux 7 STIG v3r15
RHEL-09-255010 - All RHEL 9 networked systems must have SSH installed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-255015 - All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
RHEL-09-672050 - RHEL 9 must implement DOD-approved encryption in the bind package.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
SQL4-00-035100 - The confidentiality and integrity of information managed by SQL Server must be maintained during reception.MS_SQLDBDISA STIG SQL Server 2014 Instance DB Audit v2r4
UBTU-16-030420 - All networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - installedUnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-030420 - All networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - runningUnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-22-255010 - Ubuntu 22.04 LTS must have SSH installed.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
UBTU-22-255015 - Ubuntu 22.04 LTS must use SSH to protect the confidentiality and integrity of transmitted information.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
VCFL-67-000006 - vSphere Client must be configured to enable SSL/TLS.UnixDISA STIG VMware vSphere 6.7 Virgo Client v1r2
VCLD-67-000003 - VAMI must use cryptography to protect the integrity of remote sessions.UnixDISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3
VCPG-70-000011 - VMware Postgres must be configured to use Transport Layer Security (TLS).UnixDISA STIG VMware vSphere 7.0 PostgreSQL v1r2
VCRP-70-000004 - Envoy must use only Transport Layer Security (TLS) 1.2 for the protection of client connections.UnixDISA STIG VMware vSphere 7.0 RhttpProxy v1r1
WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.WindowsDISA IBM WebSphere Traditional 9 Windows STIG v1r1
WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.UnixDISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.UnixDISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WN16-00-000290 - Protection methods such as TLS, encrypted VPNs, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.WindowsDISA Windows Server 2016 STIG v2r9
WN19-00-000260 - Windows Server 2019 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.WindowsDISA Windows Server 2019 STIG v3r2
WN22-00-000260 - Windows Server 2022 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.WindowsDISA Windows Server 2022 STIG v2r2