3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption. | DISA Windows Server 2008 R2 DC STIG v1r34 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption. | DISA Windows Server 2008 R2 MS STIG v1r33 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
AMLS-L3-000320 - Arista MLS must not enable the RIP routing protocol. | DISA STIG Arista MLS DCS-7000 Series RTR V1R2 | Arista | CONFIGURATION MANAGEMENT |
CASA-VN-000230 - The Cisco ASA must be configured to use FIPS-validated SHA-2 at 384 bits or higher for Internet Key Exchange (IKE) Phase 1 - IKE Phase 1. | DISA STIG Cisco ASA VPN v1r3 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-L2-000030 - The Cisco switch must authenticate all VLAN Trunk Protocol (VTP) messages with a hash function using the most secured cryptographic algorithm available. | DISA STIG Cisco NX-OS Switch L2S v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - bgp | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - is-is | DISA STIG Cisco NX-OS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000040 - The Cisco switch must be configured to use encryption for routing protocol authentication - ospf | DISA STIG Cisco IOS Switch RTR v1r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CISC-RT-000050 - The Cisco router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA STIG Cisco IOS Router RTR v1r4 | Cisco | IDENTIFICATION AND AUTHENTICATION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - DB2COMM | DISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations - SSL_VERSIONS | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. - DB2COMM | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. - DB2COMM | DISA STIG IBM DB2 v10.5 LUW v1r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
EP11-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL. - hostssl | EDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1 | Windows | CONFIGURATION MANAGEMENT |
EP11-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL. - openssl_conf | EDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1 | Windows | CONFIGURATION MANAGEMENT |
EPAS-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | EnterpriseDB PostgreSQL Advanced Server OS Linux v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
EPAS-00-004950 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST-certified FIPS 140-2 or 140-3 installation of OpenSSL. | EnterpriseDB PostgreSQL Advanced Server OS Linux v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Juniper EX Series Network Device Management v1r5 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUEX-RT-000290 - The Juniper router must be configured to use encryption for routing protocol authentication. | DISA Juniper EX Series Router v1r3 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUNI-RT-000040 - The Juniper router must be configured to use encryption for routing protocol authentication - IS-IS | DISA STIG Juniper Router RTR v1r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUNI-RT-000050 - The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 140-2 message authentication code algorithm - IS-IS | DISA STIG Juniper Router RTR v1r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
JUNI-RT-000050 - The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 140-2 message authentication code algorithm - OSPF | DISA STIG Juniper Router RTR v1r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v1r3 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | |
O112-C2-015700 - The DBMS must use NIST-validated FIPS 140-2-compliant cryptography for authentication mechanisms. | DISA STIG Oracle 11.2g v1r18 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
O112-C2-015700 - The DBMS must use NIST-validated FIPS 140-2-compliant cryptography for authentication mechanisms. | DISA STIG Oracle 11.2g v1r18 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
OL08-00-010159 - The OL 8 'pam_unix.so' module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010161 - OL 8 must prevent system daemons from using Kerberos for authentication. | DISA Oracle Linux 8 STIG v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010162 - The krb5-workstation package must not be installed on OL 8. | DISA Oracle Linux 8 STIG v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL. | EDB PostgreSQL Advanced Server OS Linux Audit v1r7 | Unix | CONFIGURATION MANAGEMENT |
RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-09-252065 - RHEL 9 libreswan package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
RHEL-09-611055 - RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
RHEL-09-611150 - RHEL 9 shadow password suite must be configured to use a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
RHEL-09-611205 - RHEL 9 must prevent system daemons from using Kerberos for authentication. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
RHEL-09-671015 - RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
RHEL-09-672025 - RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs). | DISA SLES 15 STIG v1r12 | Unix | IDENTIFICATION AND AUTHENTICATION |
SYMP-NM-000280 - Symantec ProxySG must be configured to use only FIPS 140-2 approved algorithms for authentication to a cryptographic module with any application or protocol. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
UBTU-20-010404 - The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA STIG Ubuntu 20.04 LTS v1r12 | Unix | IDENTIFICATION AND AUTHENTICATION |
VCLD-70-000056 - VAMI must enable FIPS mode. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
VCPG-67-000015 - VMware Postgres must use FIPS 140-2 approved TLS ciphers. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
WN10-CC-000052 - Windows 10 must be configured to prioritize ECC Curves with longer key lengths first. | DISA Windows 10 STIG v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN11-SO-000190 - Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Windows 11 STIG v1r6 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN22-SO-000290 - Windows Server 2022 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Windows Server 2022 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |