| 1.25 UBTU-24-100830 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.64 UBTU-22-255055 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001104 - If LDAP authentication is required on AIX, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| F5BI-LT-000037 - The BIG-IP Core implementation must be configured to use NIST SP 800-52 Revision 1 compliant cryptography to protect the integrity of remote access sessions to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | ACCESS CONTROL |
| JBOS-AS-000015 - HTTPS must be enabled for JBoss web interfaces. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JUSX-VN-000008 - The Juniper SRX Services Gateway VPN must be configured to use IPsec with SHA256 or greater to negotiate hashing to protect the integrity of remote access sessions. | DISA Juniper SRX Services Gateway VPN v3r2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000011 - OHS must have the LoadModule ossl_module directive enabled to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000013 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000013 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000014 - OHS must have the SSLCipherSuite directive enabled to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000015 - OHS must have the SecureProxy directive enabled to protect the integrity of remote sessions when integrated with WebLogic in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000016 - OHS must have the WLSSLWallet directive enabled to protect the integrity of remote sessions when integrated with WebLogic in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000017 - OHS must have the WebLogicSSLVersion directive enabled to protect the integrity of remote sessions when integrated with WebLogic in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000018 - OHS must have the WLProxySSL directive enabled to protect the integrity of remote sessions when integrated with WebLogic in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OL6-00-000228 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000243 - The Oracle Linux 6 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000253 - The LDAP client must use a TLS connection using trust certificates signed by the site CA. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL07-00-040180 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications - LDAP authentication communications. | DISA Oracle Linux 7 STIG v3r3 | Unix | ACCESS CONTROL |
| OL07-00-040190 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - LDAP communications. | DISA Oracle Linux 7 STIG v3r3 | Unix | ACCESS CONTROL |
| OL07-00-040200 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications - LDAP communications. | DISA Oracle Linux 7 STIG v3r3 | Unix | ACCESS CONTROL |
| OL07-00-040200 - The Oracle Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. | DISA Oracle Linux 7 STIG v3r3 | Unix | ACCESS CONTROL |
| OL07-00-040400 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Oracle Linux 7 STIG v3r3 | Unix | ACCESS CONTROL |
| PANW-AG-000020 - The Palo Alto Networks security platform, if used as a TLS gateway/decryption point or VPN concentrator, must use NIST FIPS-validated cryptography to protect the integrity of remote access sessions. | DISA STIG Palo Alto ALG v3r4 | Palo_Alto | ACCESS CONTROL |
| RHEL-06-000228 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-040180 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040190 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040200 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040400 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| SLES-15-010270 - The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | ACCESS CONTROL, MAINTENANCE |
| SP13-00-000020 - SharePoint must use cryptography to protect the integrity of the remote access session. | DISA STIG SharePoint 2013 v2r4 | Windows | ACCESS CONTROL |
| SRG-OS-000250-ESXI5 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs with FIPS 140-2 approved crypto | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | ACCESS CONTROL |
| TCAT-AS-000030 - HTTP Strict Transport Security (HSTS) must be enabled. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | ACCESS CONTROL |
| UBTU-16-030240 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL, MAINTENANCE |
| UBTU-20-010043 - The Ubuntu operating system must configure the SSH daemon to use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hashes to prevent the unauthorized disclosure of information and/or detect changes to information during transmission. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-255055 - Ubuntu 22.04 LTS must configure the SSH daemon to use Message Authentication Codes (MACs) employing FIPS 140-3-approved cryptographic hashes to prevent the unauthorized disclosure of information and/or detect changes to information during transmission. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-24-100830 - Ubuntu 24.04 LTS must configure the SSH daemon to use Message Authentication Codes (MACs) employing FIPS 140-3 approved cryptographic hashes to prevent the unauthorized disclosure of information and/or detect changes to information during transmission. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-80-000004 The vCenter VAMI service must use cryptography to protect the integrity of remote sessions. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - SSL Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - Unsecure Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | ACCESS CONTROL |
| WN10-CC-000285 - The Remote Desktop Session Host must require secure RPC communications. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
| WN12-CC-000130 - The Remote Desktop Session Host must require secure RPC communications. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000130 - The Remote Desktop Session Host must require secure RPC communications. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN16-CC-000400 - The Remote Desktop Session Host must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
| WN16-CC-000410 - Remote Desktop Services must be configured with the client connection encryption set to High Level. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
| WN19-CC-000370 - Windows Server 2019 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
| WN19-CC-000380 - Windows Server 2019 Remote Desktop Services must be configured with the client connection encryption set to High Level. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
