| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - etc | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - grub | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - proc | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpm | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.67 RHEL-09-215100 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.69 RHEL-09-215105 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.450 RHEL-09-672020 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-004310 - AlmaLinux OS 9 must use the TuxCare FIPS repository. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-004320 - AlmaLinux OS 9 must use the TuxCare FIPS packages and not the default encryption packages. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-004420 - AlmaLinux OS 9 must enable FIPS mode. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000570 - The macOS system must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-13-000750 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 11 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-003001 - The macOS system must issue or obtain public key certificates under an appropriate certificate policy from an approved service provider. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Limit SSHD to FIPS 140 Validated Ciphers | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Limit SSHD to FIPS 140 Validated Message Authentication Code Algorithms | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection - version | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for all cryptographic operations including generation of cryptographic hashes and data protection. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-VN-000024 - The Juniper SRX Services Gateway VPN IKE must use NIST FIPS-validated cryptography to implement encryption services for unclassified VPN traffic. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000380 - MongoDB must use NIST FIPS 140-2-validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSH to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSH to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSH to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSH to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSHD to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSHD to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Limit SSHD to FIPS Compliant Connections | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000070 - OL 9 must enable FIPS mode. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000240 - OL 9 must have the crypto-policies package installed. | DISA Oracle Linux 9 STIG v1r2 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000241 - OL 9 must implement a FIPS 140-3 compliant system-wide cryptographic policy. | DISA Oracle Linux 9 STIG v1r2 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000242 - OL 9 must not allow the cryptographic policy to be overridden. | DISA Oracle Linux 9 STIG v1r2 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-67-000067 - The Photon operating system must configure sshd to use FIPS 140-2 ciphers. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-215100 - RHEL 9 must have the crypto-policies package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-215105 - RHEL 9 must implement a FIPS 140-3 compliant systemwide cryptographic policy. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-671010 - RHEL 9 must enable FIPS mode. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-672020 - RHEL 9 cryptographic policy must not be overridden. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST API | Splunk | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-015600 - SQL Server must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to provision digital signatures. | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-70-000002 - VAMI must be configured with FIPS 140-2 compliant ciphers for HTTPS connections. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCRP-70-000003 - Envoy must be configured to operate in FIPS mode. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-AD-000011-DC - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data - Type 1 cryptography must be used to protect the directory data-in-transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-DC-000140 - Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN16-SO-000430 - Windows Server 2016 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN19-DC-000140 - Windows Server 2019 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
