CCI|CCI-001159

Title

The organization issues public key certificates under an organization-defined certificate policy or obtains public key certificates from an approved service provider.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
CASA-ND-001370 - The Cisco ASA must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.CiscoDISA STIG Cisco ASA NDM v1r1
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpointCiscoDISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpointCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpointCiscoDISA STIG Cisco IOS Router NDM v2r4
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - enrollmentCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - enrollmentCiscoDISA STIG Cisco IOS Router NDM v2r4
CISC-ND-001440 - The Cisco router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - enrollmentCiscoDISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpointCiscoDISA STIG Cisco IOS XE Switch NDM v2r4
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpointCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpointCiscoDISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - enrollmentCiscoDISA STIG Cisco IOS XE Switch NDM v2r4
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - enrollmentCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - enrollmentCiscoDISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - show crypto ca certificatesCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
F5BI-DM-000283 - The BIG-IP appliance must be configured to obtain its public key certificates from an appropriate certificate policy through a DoD-approved service provider.F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
FGFW-ND-000195 - The FortiGate device must use DoD-approved Certificate Authorities (CAs) for public key certificates.FortiGateDISA Fortigate Firewall NDM STIG v1r3
JUNI-ND-001430 - The Juniper router must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.JuniperDISA STIG Juniper Router NDM v2r2
PANW-NM-000141 - The Palo Alto Networks security platform must use DoD-approved PKI rather than proprietary or self-signed device certificates.Palo_AltoDISA STIG Palo Alto NDM v2r2
SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider.BlueCoatDISA Symantec ProxySG Benchmark NDM v1r2
SYMP-NM-000200 - Symantec ProxySG must obtain its public key certificates from an appropriate certificate policy through an approved service provider. - attribute keyringBlueCoatDISA Symantec ProxySG Benchmark NDM v1r2