ADBP-XI-000955 - Adobe Acrobat Pro XI FIPS mode must be enabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
APPNET0062 - The .NET CLR must be configured to use FIPS approved encryption modules. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Big Sur - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000170 - The Cisco ASA must be configured to use NIST FIPS-validated cryptography for Internet Key Exchange (IKE) Phase 1. | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes - IPsec SA | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - crypto map | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - encryption | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - group | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - integrity | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - ipsec-proposal | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000340 - The Cisco ASA VPN gateway must use cryptographic algorithms approved by NSA to protect NSS when transporting classified traffic across an unclassified network - prf | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - crypto map | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - encryption | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
CASA-VN-000760 - The Cisco ASA VPN remote access server must be configured to use an approved High Assurance Commercial Solution for Classified (CSfC) cryptographic algorithm for remote access to a classified network - group | DISA STIG Cisco ASA VPN v1r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Catalina - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
DTOO316 - Outlook minimum encryption key length settings must be set. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-06-100010 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-67-100010 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-70-000274 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 validated ciphers. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
MADB-10-008400 - MariaDB must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
MADB-10-012200 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
MADB-10-012200 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to generate and validate cryptographic hashes. | DISA MariaDB Enterprise 10.x v1r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA MariaDB Enterprise 10.x v1r3 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
Monterey - Issue or Obtain Public Key Certificates from an Approved Service Provider | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
MYS8-00-011700 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
PHTN-30-000240 - The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, generate cryptographic hashes, and protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
RHEL-09-672015 - RHEL 9 crypto policy files must match files shipped with the operating system. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010510 - FIPS 140-2 mode must be enabled on the SUSE operating system. | DISA SLES 15 STIG v1r12 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SQL2-00-019500 - SQL Server must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
SQL2-00-019600 - SQL Server databases in the classified environment, containing classified or sensitive information, must be encrypted using approved cryptography. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
SQL2-00-019601 - SQL Server databases in the unclassified environment, containing sensitive information, must be encrypted using approved cryptography. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000450 - Symantec ProxySG providing forward proxy encryption intermediary services must use NIST FIPS-validated cryptography to implement encryption services. - Destination | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000460 - Symantec ProxySG providing reverse proxy encryption intermediary services must implement NIST FIPS-validated cryptography to generate cryptographic hashes. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000470 - Symantec ProxySG providing reverse proxy encryption intermediary services must implement NIST FIPS-validated cryptography for digital signatures. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
WBSP-AS-001370 - The WebSphere Application Server must use DoD-approved Signer Certificates. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WN11-SO-000230 - The system must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows 11 STIG v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN22-SO-000360 - Windows Server 2022 must be configured to use FIPS-compliant algorithms for encryption, hashing, and signing. | DISA Windows Server 2022 STIG v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |