Item Search

NameAudit NamePluginCategory
APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption - applicationsDISA STIG for Microsoft Dot Net Framework 4.0 v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0060 - Remoting Services HTTP channels must utilize authentication and encryption - machineDISA STIG for Microsoft Dot Net Framework 4.0 v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption - applicationsDISA STIG for Microsoft Dot Net Framework 4.0 v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

APPNET0071 - Remoting Services TCP channels must utilize authentication and encryption - machineDISA STIG for Microsoft Dot Net Framework 4.0 v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2 - IKE Phase 2DISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000240 - The Cisco ASA must be configured to use FIPS-validated SHA-2 or higher for Internet Key Exchange (IKE) Phase 2 - proposalDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001400 - The Kubernetes API server must use approved cipher suites.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001410 - Kubernetes API Server must have the SSL Certificate Authority set.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001420 - Kubernetes Kubelet must have the SSL Certificate Authority set.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001430 - Kubernetes Controller Manager must have the SSL Certificate Authority set.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001440 - Kubernetes API Server must have a certificate for communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001450 - Kubernetes etcd must enable client authentication to secure service.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001460 - Kubernetes Kubelet must enable tlsPrivateKeyFile for client authentication to secure service.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001470 - Kubernetes Kubelet must enable tlsCertFile for client authentication to secure service.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001480 - Kubernetes etcd must enable client authentication to secure service.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001490 - Kubernetes etcd must have a key file for secure communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001500 - Kubernetes etcd must have a certificate for communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001510 - Kubernetes etcd must have the SSL Certificate Authority set.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001520 - Kubernetes etcd must have a certificate for communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001530 - Kubernetes etcd must have a key file for secure communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001540 - Kubernetes etcd must have peer-cert-file set for secure communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-001550 - Kubernetes etcd must have a peer-key-file set for secure communication.DISA STIG Kubernetes v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI046-IE11 - Logon options must be configured to prompt (Internet zone).DISA STIG IE 11 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTBI136-IE11 - Logon options must be configured and enforced (Restricted Sites zone).DISA STIG IE 11 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO421 - Session Initiation Protocol (SIP) security mode must be configured.DISA STIG Microsoft Lync 2013 v1r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO421 - Session Initiation Protocol (SIP) security mode must be configured.DISA STIG Microsoft Skype for Business 2016 v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO422 - In the event a secure SIP connection fails, the connection must be restricted from resorting to the unencrypted HTTP.DISA STIG Microsoft Skype for Business 2016 v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO422 - In the event a secure SIP connection fails, the connection must be restricted from resorting to the unencrypted HTTP.DISA STIG Microsoft Lync 2013 v1r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-EG-000090 - Exchange Internet-facing Receive connectors must offer Transport Layer Security (TLS) before using basic authentication.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000110 - Exchange internal Receive connectors must require encryption.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000115 - Exchange internal Receive connectors must use Domain Security (mutual authentication Transport Layer Security) - mutual authentication Transport Layer Security.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000120 - Exchange internal Send connectors must require encryption.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-ED-000170 - Exchange internal Send connectors must use domain security (mutual authentication Transport Layer Security)DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AP-000234 - The F5 BIG-IP appliance must not use the On-Demand Cert Auth VPE agent as part of the APM Policy Profiles.DISA F5 BIG-IP Access Policy Manager STIG v2r3F5

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AP-000236 - The F5 BIG-IP appliance must be configured to limit authenticated client sessions to initial session source IP.DISA F5 BIG-IP Access Policy Manager STIG v2r3F5

SYSTEM AND COMMUNICATIONS PROTECTION

O365-LY-000001 - The SIP security mode in Lync must be enabled.DISA STIG Microsoft Office 365 ProPlus v2r11Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SP13-00-000110 - SharePoint must ensure authentication of both client and server during the entire session. An example of this is SSL Mutual Authentication.DISA STIG SharePoint 2013 v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SP13-00-000125 - SharePoint must implement an information system isolation boundary that minimizes the number of nonsecurity functions included within the boundary containing security functions.DISA STIG SharePoint 2013 v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000490 - Symantec ProxySG must use Transport Layer Security (TLS) to protect the authenticity of communications sessions.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000800 - Tomcat servers must mutually authenticate proxy or load balancer connections.DISA STIG Apache Tomcat Application Server 9 v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000800 - Tomcat servers must mutually authenticate proxy or load balancer connections.DISA STIG Apache Tomcat Application Server 9 v2r6 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000223 - Oracle WebLogic must ensure authentication of both client and server during the entire session.Oracle WebLogic Server 12c Linux v2r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000223 - Oracle WebLogic must ensure authentication of both client and server during the entire session.Oracle WebLogic Server 12c Linux v2r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000223 - Oracle WebLogic must ensure authentication of both client and server during the entire session.Oracle WebLogic Server 12c Windows v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001410 - The WebSphere Application Server DoD root CAs must be in the trust store.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001410 - The WebSphere Application Server DoD root CAs must be in the trust store.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001410 - The WebSphere Application Server DoD root CAs must be in the trust store.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WDNS-SC-000019 - The Windows 2012 DNS Server must protect the authenticity of zone transfers via transaction signing.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WDNS-SC-000020 - The Windows 2012 DNS Server must protect the authenticity of dynamic updates via transaction signing.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WDNS-SC-000021 - The Windows 2012 DNS Server must protect the authenticity of query responses via DNSSEC.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION