800-53|AC-17(2)

Title

PROTECTION OF CONFIDENTIALITY / INTEGRITY USING ENCRYPTION

Description

The information system implements cryptographic mechanisms to protect the confidentiality and integrity of remote access sessions.

Supplemental

The encryption strength of mechanism is selected based on the security categorization of the information.

Reference Item Details

Related: SC-12,SC-13,SC-8

Category: ACCESS CONTROL

Parent Title: REMOTE ACCESS

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 EX19-ED-000006WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.1 EX19-MB-000006WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.1 RHEL-10-000500UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT I
1.1 VCSA-80-000009VMwareCIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.1.2.1 (L1) Ensure 'NTLM' is set to 'Disabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.7.1 (L1) Ensure 'TLS_RSA_WITH_3DES_EDE_CBC_SHA ' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.37 (L1) Ensure 'Maximum SSL version enabled' is set to 'Enabled: TLS 1.3'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.38 (L1) Ensure 'Minimum SSL version enabled' is set to 'Enabled: TLS 1.2'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.10 Ensure system-wide crypto policy is not legacyUnixCIS CentOS Linux 8 Workstation L1 v2.0.0
1.10 Ensure system-wide crypto policy is not legacyUnixCIS Fedora 28 Family Linux Workstation L1 v2.0.0
1.10 Ensure system-wide crypto policy is not legacyUnixCIS Fedora 28 Family Linux Server L1 v2.0.0
1.10 Ensure system-wide crypto policy is not legacyUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.11.1 Assign a custom certificate to syslog-clientArubaOSCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations
1.11.2 Configure syslog-client to log using TLSArubaOSCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations
1.12 ALMA-09-002990UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.12 Ensure 'Internet-facing receive connectors' is set to 'Tls, BasicAuth, BasicAuthRequireTLS'WindowsCIS Microsoft Exchange Server 2019 L1 Edge v1.0.0
1.13 ALMA-09-003100UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.13.1 (L1) Ensure 'Allow Basic authentication for HTTP' is set to 'Disabled'WindowsCIS Microsoft Intune for Edge v1.0.0 L1
1.13.1 (L1) Ensure 'Allow Basic authentication for HTTP' is set to 'Disabled'WindowsCIS Microsoft Edge v4.0.0 L1
1.13.3 (L2) Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'WindowsCIS Microsoft Intune for Edge v1.0.0 L2
1.13.3 (L2) Ensure 'Supported authentication schemes' is set to 'Enabled: ntlm, negotiate'WindowsCIS Microsoft Edge v4.0.0 L2
1.14 ALMA-09-003210UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.15 ALMA-09-003320UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.16 ALMA-09-003430UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.16 SLES-15-010160UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.17 ALMA-09-003540UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.18 ALMA-09-003650UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.18 CISC-ND-001140CiscoCIS Cisco IOS XR Router NDM STIG v1.0.0 CAT II
1.19 ALMA-09-003870UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.19 APPL-14-000054UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT I
1.19 APPL-26-000054UnixCIS Apple macOS 26 Tahoe STIG v1.0.0 CAT I
1.101 PHTN-40-000239UnixCIS VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1.0.0 CAT I
1.128 WN16-CC-000400WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.128 WN16-CC-000400WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.129 WN16-CC-000410WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.129 WN16-CC-000410WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.130 SOL-11.1-050240UnixCIS Solaris 11 X86 STIG v1.0.0 CAT II
1.130 WN19-CC-000370WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.130 WN19-CC-000370WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.130 WN22-CC-000370WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.130 WN22-CC-000370WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.131 WN19-CC-000380WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.131 WN19-CC-000380WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.131 WN22-CC-000380WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.131 WN22-CC-000380WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.132 SOL-11.1-050240UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.147 SOL-11.1-060130UnixCIS Solaris 11 X86 STIG v1.0.0 CAT II
1.149 SOL-11.1-060130UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.159 WN10-CC-000285WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.160 WN10-CC-000290WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II