Item Search

NameAudit NamePluginCategory
ADBP-XI-000955 - Adobe Acrobat Pro XI FIPS mode must be enabled.DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000170 - The Cisco ASA must be configured to use NIST FIPS-validated cryptography for Internet Key Exchange (IKE) Phase 1.DISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes - IKE Phase 1DISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes - IPsec SADISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000200 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to implement IPsec encryption services.DISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - crypto mapDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - encryptionDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - groupDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - integrityDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - ipsec-proposalDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - prfDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - crypto mapDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - encryptionDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - groupDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - integrityDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - ipsec-proposalDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - prfDISA STIG Cisco ASA VPN v1r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

DTBC-0056 - Chrome must be configured to allow only TLS.DISA STIG Google Chrome v2r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-06-100010 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers.DISA STIG VMware vSphere 6.x ESXi OS v1r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-67-100010 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 approved ciphers.DISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-008400 - MariaDB must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements.DISA MariaDB Enterprise 10.x v1r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. - fips_enabledDISA MariaDB Enterprise 10.x v1r2 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. - have_opensslDISA MariaDB Enterprise 10.x v1r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. - opensslDISA MariaDB Enterprise 10.x v1r2 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. - version_ssl_libraryDISA MariaDB Enterprise 10.x v1r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012200 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. - libmysqlclientDISA MariaDB Enterprise 10.x v1r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012200 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. - opensslDISA MariaDB Enterprise 10.x v1r2 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. - fips_enabledDISA MariaDB Enterprise 10.x v1r2 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. - version_ssl_libraryDISA MariaDB Enterprise 10.x v1r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Issue or Obtain Public Key Certificates from an Approved Service ProviderNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Issue or Obtain Public Key Certificates from an Approved Service ProviderNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Issue or Obtain Public Key Certificates from an Approved Service ProviderNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Issue or Obtain Public Key Certificates from an Approved Service ProviderNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Issue or Obtain Public Key Certificates from an Approved Service ProviderNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Issue or Obtain Public Key Certificates from an Approved Service ProviderNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-011500 - The MySQL Database Server 8.0 must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirementsDISA Oracle MySQL 8.0 v1r4 OS LinuxUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-011800 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owner's requirements.DISA Oracle MySQL 8.0 v1r4 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

PHTN-30-000240 - The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, generate cryptographic hashes, and protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA STIG VMware vSphere 7.0 Photon OS v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-672015 - RHEL 9 crypto policy files must match files shipped with the operating system.DISA Red Hat Enterprise Linux 9 STIG v1r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SLES-15-010510 - FIPS 140-2 mode must be enabled on the SUSE operating system.DISA SLES 15 STIG v1r11Unix

SYSTEM AND COMMUNICATIONS PROTECTION

SQL2-00-019800 - SQL Server must employ NSA-approved cryptography to protect classified information.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000450 - Symantec ProxySG providing forward proxy encryption intermediary services must use NIST FIPS-validated cryptography to implement encryption services. - SourceDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND COMMUNICATIONS PROTECTION

SYMP-AG-000480 - Symantec ProxySG providing reverse proxy encryption intermediary services must use NIST FIPS-validated cryptography to implement encryption services.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-20-010442 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA STIG Ubuntu 20.04 LTS v1r10Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-20-010442 - The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.DISA STIG Ubuntu 20.04 LTS v1r7Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001370 - The WebSphere Application Server must use DoD-approved Signer Certificates.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WBSP-AS-001370 - The WebSphere Application Server must use DoD-approved Signer Certificates.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.DISA Windows 11 STIG v1r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-DC-000140 - Windows Server 2022 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data.DISA Windows Server 2022 STIG v1r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-SO-000360 - Windows Server 2022 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing.DISA Windows Server 2022 STIG v1r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION