CCI|CCI-000197

Title

The information system, for password-based authentication, transmits only cryptographically-protected passwords.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.034 - Unencrypted passwords must not be sent to third-party SMB Servers.WindowsDISA Windows Vista STIG v6r41
5.3.29 Ensure SSH Protocol is set to 2UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001045 - IF LDAP is used, AIX LDAP client must use SSL to authenticate with LDAP server.UnixDISA STIG AIX 7.x v2r5
AIX7-00-001124 - AIX root passwords must never be passed over a network in clear text form - Root LoginsUnixDISA STIG AIX 7.x v2r5
AIX7-00-001124 - AIX root passwords must never be passed over a network in clear text form - SSH EnabledUnixDISA STIG AIX 7.x v2r5
AIX7-00-002058 - The AIX rexec daemon must not be running.UnixDISA STIG AIX 7.x v2r5
AIX7-00-002059 - AIX telnet daemon must not be running.UnixDISA STIG AIX 7.x v2r5
AIX7-00-002060 - AIX ftpd daemon must not be running.UnixDISA STIG AIX 7.x v2r5
AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - rcpUnixDISA STIG AIX 7.x v2r5
AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - rexecUnixDISA STIG AIX 7.x v2r5
AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - rloginUnixDISA STIG AIX 7.x v2r5
AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - rshUnixDISA STIG AIX 7.x v2r5
AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - telnetUnixDISA STIG AIX 7.x v2r5
AIX7-00-003040 - The AIX rsh daemon must be disabled.UnixDISA STIG AIX 7.x v2r5
AIX7-00-003041 - The AIX rlogind service must be disabled.UnixDISA STIG AIX 7.x v2r5
AOSX-13-000555 - The macOS system must unload tftpd.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000605 - The macOS system must not use telnet.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000606 - The macOS system must not use unencrypted FTP.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002038 - The macOS system must be configured to disable the tftpd service.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002038 - The macOS system must be configured to disable the tftp service.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-002038 - Apple macOS must be configured to disable the tftp service.UnixDISA STIG Apple macOS 11 v1r6
APPL-11-002038 - Apple macOS must be configured to disable the tftp service.UnixDISA STIG Apple macOS 11 v1r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-W1-000370 - The Apache web server must encrypt passwords during transmission.WindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngineWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Disable Trivial File Tansfer Protocol ServiceUnixNIST macOS Catalina v1.5.0 - 800-53r4 High