Item Search

NameAudit NamePluginCategory
AADC-CL-001320 - Adobe Acrobat Pro DC Classic Periodic downloading of Adobe certificates must be disabled.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - Certificate IssuerDISA STIG AIX 7.x v2r9Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - ldapsslkeyfDISA STIG AIX 7.x v2r9Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - useSSLDISA STIG AIX 7.x v2r9Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-14-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple Mac OSX 10.14 v2r6Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AOSX-15-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple Mac OSX 10.15 v1r10Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r8Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 12 v1r8Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-13-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple macOS 13 v1r3Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

ARDC-CL-000330 - Adobe Reader DC must disable periodical uploading of European certificates.DISA STIG Adobe Acrobat Reader DC Classic Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ARDC-CN-000330 - Adobe Reader DC must disable periodical uploading of European certificates.DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleDISA STIG Apache Server 2.4 Unix Server v2r6 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolDISA STIG Apache Server 2.4 Unix Server v2r6 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-67-000040 - The ESXi host must use multifactor authentication for local DCUI access to privileged accounts.DISA STIG VMware vSphere 6.7 ESXi v1r3VMware

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-LT-000213 - The F5 BIG-IP appliance providing user authentication intermediary services must only accept end entity certificates issued by DOD PKI or DOD-approved PKI Certification Authorities (CAs) for the establishment of protected sessions.DISA F5 BIG-IP Local Traffic Manager STIG v2r3F5

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SI-000220 - A private IIS 10.0 website authentication mechanism must use client certificates to transmit session identifier to assure integrity.DISA IIS 10.0 Site v2r9Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000220 - A private websites authentication mechanism must use client certificates to transmit session identifier to assure integrity.DISA IIS 8.5 Site v2r9Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000241 - The IIS 8.5 private website have a server certificate issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).DISA IIS 8.5 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

JUSX-VN-000026 - The Juniper SRX Services Gateway VPN must only allow the use of DoD PKI established certificate authorities for verification of the establishment of protected sessions.DISA Juniper SRX Services Gateway VPN v2r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

MD3X-00-000730 - MongoDB must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions.DISA STIG MongoDB Enterprise Advanced 3.x v2r1 OSUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-001430 - Certificates in the trust store must be issued/signed by an approved CA.DISA STIG Apache Tomcat Application Server 9 v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-18-010436 - The Ubuntu operating system must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Ubuntu 18.04 LTS v2r13Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-PK-000005 - The DoD Root CA certificates must be installed in the Trusted Root StoreDISA Windows 10 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN10-PK-000015 - The DoD Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems - 1/2DISA Windows 10 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN10-PK-000020 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems.DISA Windows 10 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-PK-000001 - The DoD Root CA certificates must be installed in the Trusted Root StoreDISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-PK-000001 - The DoD Root CA certificates must be installed in the Trusted Root StoreDISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-PK-000003 - The DoD Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-PK-000003 - The DoD Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-PK-000004 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN12-PK-000004 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN16-PK-000010 - The DoD Root CA certificates must be installed in the Trusted Root StoreDISA Windows Server 2016 STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN16-PK-000030 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed in the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2016 STIG v2r7Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN19-PK-000010 - Windows Server 2019 must have the DoD Root Certificate Authority (CA) certificates installed in the Trusted Root StoreDISA Windows Server 2019 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN19-PK-000020 - Windows Server 2019 must have the DoD Interoperability Root Certificate Authority (CA) cross-certificates installed in the Untrusted Certificates Store on unclassified systems - DoD Root CA 2DISA Windows Server 2019 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN19-PK-000030 - Windows Server 2019 must have the US DoD CCEB Interoperability Root CA cross-certificates in the Untrusted Certificates Store on unclassified systems.DISA Windows Server 2019 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

WN22-PK-000020 - Windows Server 2022 must have the DoD Interoperability Root Certificate Authority (CA) cross-certificates installed in the Untrusted Certificates Store on unclassified systems - DoD Root CA 2DISA Windows Server 2022 STIG v1r4Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION