Item Search

NameAudit NamePluginCategory
3.061 - Unencrypted remote access is permitted to system services.DISA Windows Vista STIG v6r41Windows

ACCESS CONTROL

5.043 - Terminal Services is not configured with the client connection encryption set to the required level.DISA Windows Vista STIG v6r41Windows

ACCESS CONTROL, MAINTENANCE

CASA-VN-000210 - The Cisco ASA must be configured to use a Diffie-Hellman (DH) Group of 14 or greater for Internet Key Exchange (IKE) Phase 1.DISA STIG Cisco ASA VPN v1r1Cisco

ACCESS CONTROL

CASA-VN-000550 - The Cisco ASA remote access VPN server must be configured to use TLS 1.2 or higher to protect the confidentiality of remote access connections.DISA STIG Cisco ASA VPN v1r1Cisco

ACCESS CONTROL

CASA-VN-000640 - The Cisco VPN remote access server must be configured to use AES encryption for the Internet Key Exchange (IKE) Phase 1 to protect confidentiality of remote access sessions.DISA STIG Cisco ASA VPN v1r1Cisco

ACCESS CONTROL

CASA-VN-000650 - The Cisco ASA VPN remote access server must be configured to use Advanced Encryption Standard (AES) encryption for the IPsec security association to protect the confidentiality of remote access sessions.DISA STIG Cisco ASA VPN v1r1Cisco

ACCESS CONTROL

CNTR-K8-000150 - The Kubernetes Controller Manager must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination.DISA STIG Kubernetes v1r5Unix

ACCESS CONTROL

CNTR-K8-000160 - The Kubernetes Scheduler must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination.DISA STIG Kubernetes v1r5Unix

ACCESS CONTROL

CNTR-K8-000170 - The Kubernetes API Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination.DISA STIG Kubernetes v1r5Unix

ACCESS CONTROL

CNTR-K8-000180 - The Kubernetes etcd must use TLS to protect the confidentiality of sensitive data during electronic dissemination.DISA STIG Kubernetes v1r5Unix

ACCESS CONTROL

CNTR-K8-000190 - The Kubernetes etcd must use TLS to protect the confidentiality of sensitive data during electronic dissemination.DISA STIG Kubernetes v1r5Unix

ACCESS CONTROL

ESXI-06-000010 - The VMM must use DoD-approved encryption to protect the confidentiality of remote access sessions.DISA STIG VMware vSphere 6.x ESXi OS v1r5Unix

ACCESS CONTROL

ESXI-06-000011 - The SSH daemon must be configured to use only the SSHv2 protocol.DISA STIG VMware vSphere 6.x ESXi OS v1r5Unix

ACCESS CONTROL

ESXI-67-000010 - The ESXi host SSH daemon must use DoD-approved encryption to protect the confidentiality of remote access sessions.DISA STIG VMware vSphere 6.7 ESXi OS v1r2Unix

ACCESS CONTROL

GEN003820 - The rsh daemon must not be running.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN003820 - The rsh daemon must not be running.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN003820 - The rsh daemon must not be running.DISA STIG Solaris 10 X86 v2r2Unix

ACCESS CONTROL

GEN003820 - The rsh daemon must not be running.DISA STIG Solaris 10 SPARC v2r2Unix

ACCESS CONTROL

GEN003830 - The rlogind service must not be running.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN003830 - The rlogind service must not be running.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN003830 - The rlogind service must not be running.DISA STIG Solaris 10 SPARC v2r2Unix

ACCESS CONTROL

GEN003830 - The rlogind service must not be running.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN003830 - The rlogind service must not be running.DISA STIG Solaris 10 X86 v2r2Unix

ACCESS CONTROL

GEN003830 - The rlogind service must not be running.DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL

GEN005307 - SNMP must require the use of a FIPS 140-2 encryption algorithm for protecting the privacy of SNMP messages.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN005505 - The operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections.DISA STIG Solaris 10 SPARC v2r2Unix

ACCESS CONTROL

GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

ACCESS CONTROL

GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers.DISA STIG Solaris 10 X86 v2r2Unix

ACCESS CONTROL

GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers.DISA STIG Solaris 10 SPARC v2r2Unix

ACCESS CONTROL

OL08-00-040161 - OL 8 must force a frequent session key renegotiation for SSH connections to the server.DISA Oracle Linux 8 STIG v1r2Unix

ACCESS CONTROL

RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - fips-mode-setupDISA Red Hat Enterprise Linux 8 STIG v1r6Unix

ACCESS CONTROL

RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - grub2-editenvDISA Red Hat Enterprise Linux 8 STIG v1r6Unix

ACCESS CONTROL

RHEL-08-010020 - RHEL 8 must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards - procDISA Red Hat Enterprise Linux 8 STIG v1r6Unix

ACCESS CONTROL

RHEL-08-040161 - RHEL 8 must force a frequent session key renegotiation for SSH connections to the server.DISA Red Hat Enterprise Linux 8 STIG v1r6Unix

ACCESS CONTROL

SLES-15-010160 - The SUSE operating system must implement DoD-approved encryption to protect the confidentiality of SSH remote connections.DISA SLES 15 STIG v1r6Unix

ACCESS CONTROL

SYMP-AG-000030 - Symantec ProxySG providing forward proxy intermediary services for TLS must be configured to comply with the required TLS settings in NIST SP 800-52 - client.connection.negotiated_cipherDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

SYMP-AG-000030 - Symantec ProxySG providing forward proxy intermediary services for TLS must be configured to comply with the required TLS settings in NIST SP 800-52 - client.connection.negotiated_ssl_versionDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

SYMP-AG-000030 - Symantec ProxySG providing forward proxy intermediary services for TLS must be configured to comply with the required TLS settings in NIST SP 800-52 - server.connection.negotiated_cipherDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

SYMP-AG-000030 - Symantec ProxySG providing forward proxy intermediary services for TLS must be configured to comply with the required TLS settings in NIST SP 800-52 - server.connection.negotiated_ssl_versionDISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

SYMP-AG-000040 - Symantec ProxySG providing reverse proxy intermediary services for TLS must be configured to version 1.1 or higher with an approved cipher suite.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

SYMP-AG-000050 - Symantec ProxySG storing secret or private keys must use FIPS-approved key management technology and processes in the production and control of private/secret cryptographic keys.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

ACCESS CONTROL

VCRP-67-000003 - The rhttpproxy must be configured to operate solely with FIPS ciphers.DISA STIG VMware vSphere 6.7 RhttpProxy v1r2Unix

ACCESS CONTROL

WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

ACCESS CONTROL

WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL

WBSP-AS-000160 - The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL