Item Search

NameAudit NamePluginCategory
AOSX-13-000605 - The macOS system must not use telnet.DISA STIG Apple Mac OSX 10.13 v2r5Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - ChallengeResponseAuthenticationDISA STIG Apple Mac OSX 10.15 v1r10Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - enforceSmartCardDISA STIG Apple Mac OSX 10.15 v1r10Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - PasswordAuthenticationDISA STIG Apple Mac OSX 10.15 v1r10Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-12-000057 - The macOS system must implement approved ciphers within the SSH client configuration to protect the confidentiality of SSH connections.DISA STIG Apple macOS 12 v1r8Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-12-000058 - The macOS system must implement approved Message Authentication Codes (MACs) within the SSH client configuration.DISA STIG Apple macOS 12 v1r8Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-12-000059 - The macOS system must implement approved Key Exchange Algorithms within the SSH client configuration.DISA STIG Apple macOS 12 v1r8Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-13-000054 - The macOS system must implement approved ciphers within the SSH server configuration to protect the confidentiality of SSH connections.DISA STIG Apple macOS 13 v1r3Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-13-000055 - The macOS system must implement approved Message Authentication Codes (MACs) within the SSH server configuration.DISA STIG Apple macOS 13 v1r3Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-13-000056 - The macOS system must implement approved Key Exchange Algorithms within the SSH server configuration.DISA STIG Apple macOS 13 v1r3Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-13-000057 - The macOS system must implement approved ciphers within the SSH client configuration to protect the confidentiality of SSH connections.DISA STIG Apple macOS 13 v1r3Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-13-000058 - The macOS system must implement approved Message Authentication Codes (MACs) within the SSH client configuration.DISA STIG Apple macOS 13 v1r3Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

Catalina - Enforce Smartcard AuthenticationNIST macOS Catalina v1.5.0 - 800-171Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections.DISA Oracle Linux 7 STIG v2r14Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

OL08-00-010020 - OL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA Oracle Linux 8 STIG v1r8Unix

ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-30-000026 - The Photon operating system must use an OpenSSH server version that does not support protocol 1.DISA STIG VMware vSphere 7.0 Photon OS v1r2Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION

SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - filtersDISA STIG Solaris 11 SPARC v2r6Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - firewall/pflogDISA STIG Solaris 11 SPARC v2r6Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception) - serviceDISA STIG Solaris 11 SPARC v2r6Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception).DISA STIG Solaris 11 X86 v2r9Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception).DISA STIG Solaris 11 SPARC v2r9Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE