CCI|CCI-002448

Title

Distribute asymmetric cryptographic keys using: NSA-approved key management technology and processes; prepositioned keying material; DoD-approved or DoD-issued Medium Assurance PKI certificates; DoD-approved or DoD-issued Medium Hardware Assurance PKI certificates and hardware security tokens that protect the user's private key; or certificates issued in accordance with organization-defined requirements.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
CNTR-K8-002620 - Kubernetes API Server must disable basic authentication to protect information in transit.UnixDISA STIG Kubernetes v2r2
CNTR-K8-002630 - Kubernetes API Server must disable token authentication to protect information in transit.UnixDISA STIG Kubernetes v2r2
CNTR-K8-002640 - Kubernetes endpoints must use approved organizational certificate and key pair to protect information in transit.UnixDISA STIG Kubernetes v2r2