| 1.452 RHEL-09-672050 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisableBluetooth | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session On | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - Session On | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - SessionCookieName | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - SessionCryptoPassphrase | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000050 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting IP based management traffic. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000150 - Exchange OWA must use https - Internal | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000340 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000680 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000680 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - DomainSecureEnabled | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - DomainSecureEnabled | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - RequireTLS | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - RequireTLS | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsAuthLevel | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsAuthLevel | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsDomain | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SI-000244 - IIS 10.0 website session IDs must be sent to the client using TLS. | DISA IIS 10.0 Site v2r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SI-000246 - Cookies exchanged between the IIS 10.0 website and the client must have cookie properties set to prohibit client-side scripts from reading the cookie data. | DISA IIS 10.0 Site v2r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version. | DISA IIS 10.0 Server v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000244 - IIS 8.5 website session IDs must be sent to the client using TLS. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000152 - IIS 8.5 web server session IDs must be sent to the client using TLS. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000154 - A web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000650 - JBoss must be configured to use an approved TLS version. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000308 - OHS must have the LoadModule ossl_module directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000309 - OHS must have the SSLFIPS directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000310 - OHS must have the SSLEngine, SSLProtocol, SSLWallet directives enabled and configured to prevent unauthorized disclosure of information during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000311 - OHS must have the SSLCipherSuite directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000313 - OHS must have the WLSSLWallet directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000315 - If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLProxySSL directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000320 - OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-002421 - OL 9 must implement DOD-approved encryption in the bind package. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060100 - The operating system must protect the confidentiality of transmitted information. | DISA Solaris 11 X86 STIG v3r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060190 - The operating system must protect the integrity of transmitted information. | DISA Solaris 11 X86 STIG v3r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SPLK-CL-000070 - Splunk Enterprise must use SSL to protect the confidentiality and integrity of transmitted information. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010521 - The Ubuntu operating system must disable all wireless network adapters. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000028 - The Windows 2012 DNS Server must protect the integrity of transmitted information. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000040 - Outgoing secure channel traffic must be encrypted. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000060 - Windows Server 2022 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000080 - Windows Server 2022 setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000160 - Windows Server 2022 setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000190 - Windows Server 2022 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
