CCI|CCI-000803

Title

The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2009

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption.	Windows	DISA Windows 7 STIG v1r32
3.154 - The use of DES encryption suites must not be allowed for Kerberos encryption.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
5.3.16 Ensure only FIPS 140-2 ciphers are used for SSH	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AMLS-L3-000250 - Arista MLS must encrypt all methods of configured authentication for the OSPF routing protocol - ipv6 OSPF checks	Arista	DISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000250 - Arista MLS must encrypt all methods of configured authentication for the OSPF routing protocol - message-digest	Arista	DISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000250 - Arista MLS must encrypt all methods of configured authentication for the OSPF routing protocol - message-digest-key	Arista	DISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000250 - Arista MLS must encrypt all methods of configured authentication for the OSPF routing protocol.	Arista	DISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ipv6 OSPF checks	Arista	DISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ospf message-digest	Arista	DISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ospf message-digest-key	Arista	DISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000320 - Arista MLS must not enable the RIP routing protocol.	Arista	DISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000320 - The Arista Multilayer Switch must not enable the RIP routing protocol.	Arista	DISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-NM-200825 - Arista MLS must use FIPS-compliant mechanisms for authentication to a cryptographic module - entropy source	Arista	DISA STIG Arista MLS DCS-7000 Series NDM V1R2
AMLS-NM-200825 - Arista MLS must use FIPS-compliant mechanisms for authentication to a cryptographic module - SSH FIPS	Arista	DISA STIG Arista MLS DCS-7000 Series NDM V1R2
AMLS-NM-200825 - The Arista Multilayer Switch must use FIPS-compliant mechanisms for authentication to a cryptographic module - entropy source	Arista	DISA STIG Arista MLS DCS-7000 Series NDM v1r3
AMLS-NM-200825 - The Arista Multilayer Switch must use FIPS-compliant mechanisms for authentication to a cryptographic module - SSH FIPS	Arista	DISA STIG Arista MLS DCS-7000 Series NDM v1r3
AOSX-13-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-13-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-13-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-14-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple Mac OSX 10.14 v2r4
AOSX-14-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple Mac OSX 10.14 v2r5
AOSX-14-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.14 v2r4
AOSX-14-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.14 v2r5
AOSX-14-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.14 v2r5
AOSX-14-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.14 v2r4
AOSX-14-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections..	Unix	DISA STIG Apple Mac OSX 10.15 v1r7
AOSX-15-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections..	Unix	DISA STIG Apple Mac OSX 10.15 v1r3
AOSX-15-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections..	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections..	Unix	DISA STIG Apple Mac OSX 10.15 v1r10
AOSX-15-000054 - The macOS system must implement approved Ciphers to protect the confidentiality of SSH connections..	Unix	DISA STIG Apple Mac OSX 10.15 v1r5
AOSX-15-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.15 v1r7
AOSX-15-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.15 v1r10
AOSX-15-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.15 v1r3
AOSX-15-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.15 v1r5
AOSX-15-000055 - The macOS system must use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.15 v1r5
AOSX-15-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.15 v1r3
AOSX-15-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.15 v1r7
AOSX-15-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-000056 - The macOS system must implement an approved Key Exchange Algorithm.	Unix	DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-000054 - The macOS system must implement approved ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple macOS 11 v1r8
APPL-11-000054 - The macOS system must implement approved ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple macOS 11 v1r3
APPL-11-000054 - The macOS system must implement approved ciphers to protect the confidentiality of SSH connections.	Unix	DISA STIG Apple macOS 11 v1r1

Detections

Analytics

CCI|CCI-000803

Title

Reference Item Details

Audit Items