| 1.27 OL08-00-010163 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.111 WN10-CC-000052 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.215 WN10-SO-000190 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.1.26 Ensure system daemons are prevented from using Kerberos for authentication | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1.30 Ensure the krb5-server package has not been installed on the system | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.6 Ensure krb5-workstation is not installed | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIOS-18-007400 - The Apple iOS/iPadOS 18 allow list must be configured to not include applications with the following characteristics: - Backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services); - Transmits MD diagnostic data to non-DOD servers; - Allows synchronization of data or applications between devices associated with user; - Allows unencrypted (or encrypted but not FIPS 140-3 validated) data sharing with other MDs or printers; - Backs up its own data to a remote system; and - Uses artificial intelligence (AI), which processes data in the cloud (off device). Exception: Apple Intelligence Private Cloud Compute (PCC) - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| ARST-ND-000470 - The Arista network device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module. | DISA Arista MLS EOS 4.X NDM STIG v2r2 | Arista | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Limit SSH to FIPS 140 Validated Ciphers | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-012800 - The DBMS must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| DTOO257 - Outlook - S/Mime interoperability with external clients for message handling must be configured. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO260 - Outlook - Message formats must be set to use SMime. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO262 - Outlook - Run in FIPS compliant mode must be enforced. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| GOOG-16-006700 - Google Android 16 allowlist must be configured to not include applications with the following characteristics: | AirWatch - DISA Google Android 16 COBO STIG v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-16-006750 - Google Android 16 allowlist must be configured to not include artificial intelligence (AI) applications that process device data in the cloud, including Google Gemini - AI applications that process device data in the cloud, including Google Gemini. | AirWatch - DISA Google Android 16 COPE STIG v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| JUEX-L2-000030 - The Juniper layer 2 switch must be configured to disable all dynamic VLAN registration protocols. | DISA Juniper EX Series Layer 2 Switch v2r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Ensure all Federal Laws, Executive Orders, Directives, Policies, Regulations, Standards, and Guidance for Authentication to a Cryptographic Module are Met | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms. | DISA Oracle Database 19c STIG v1r5 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010162 - The krb5-workstation package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010163 - The krb5-server package must not be installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200650 - RHEL 10 must have the packages required for encrypting off-loaded audit logs installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000430 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN25-SO-000290 - Windows Server 2025 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
