CCI|CCI-001199

Title

The information system protects the confidentiality and/or integrity of organization-defined information at rest.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.5.9 Ensure NIST FIPS-validated cryptography is configured - etcUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - procUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpmUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest - clic.rte.kernextUnixDISA STIG AIX 7.x v2r5
AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest - clic.rte.libUnixDISA STIG AIX 7.x v2r5
AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest - EFS enabledUnixDISA STIG AIX 7.x v2r5
AOSX-13-000780 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple macOS 11 v1r6
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
BIND-9X-001130 - The DNSSEC keys used with the BIND 9.x implementation must be owned by a privileged account.UnixDISA BIND 9.x STIG v2r2
BIND-9X-001131 - The DNSSEC keys used with the BIND 9.x implementation must be group owned by a privileged account.UnixDISA BIND 9.x STIG v2r2
BIND-9X-001132 - Permissions assigned to the DNSSEC keys used with the BIND 9.x implementation must enforce read-only access to the key owner and deny access to all other users.UnixDISA BIND 9.x STIG v2r2
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
DKER-EE-001070 - FIPS mode must be enabled on all Docker Engine - Enterprise nodes - docker info .SecurityOptionsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
DKER-EE-002660 - Docker Secrets must be used to store configuration files and small amounts of user-generated data (up to 500 kb in size) in Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
DTBC-0039 - Browser history must be saved.WindowsDISA STIG Google Chrome v2r6
DTBI042-IE11 - Userdata persistence must be disallowed (Internet zone).WindowsDISA STIG IE 11 v2r1
DTBI132-IE11 - Userdata persistence must be disallowed (Restricted Sites zone).WindowsDISA STIG IE 11 v2r1
DTOO188 - Document metadata for password protected files must be protected.WindowsDISA STIG Microsoft Office System 2016 v2r2
DTOO188 - Document metadata for password protected files must be protected.WindowsDISA STIG Microsoft Office System 2013 v2r1
DTOO188 - Office System - Document metadata for password protected files must be protected.WindowsDISA STIG Office System 2010 v1r12
DTOO189 - Office System - The encryption type for password protected Open XML files must be set.WindowsDISA STIG Office System 2010 v1r12
DTOO189 - The encryption type for password protected Open XML files must be set.WindowsDISA STIG Microsoft Office System 2016 v2r2
DTOO189 - The encryption type for password protected Open XML files must be set.WindowsDISA STIG Microsoft Office System 2013 v2r1
DTOO190 - Office System - The encryption type for password protected Office 97 thru Office 2003 must be set.WindowsDISA STIG Office System 2010 v1r12
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.WindowsDISA STIG Microsoft Office System 2013 v2r1
DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set.WindowsDISA STIG Microsoft Office System 2016 v2r2
DTOO195 - Office System - Passwords for secured documents must be enforced.WindowsDISA STIG Office System 2010 v1r12
DTOO195 - Passwords for secured documents must be enforced.WindowsDISA STIG Microsoft Office System 2013 v2r1
EP11-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1
EX13-MB-000125 - Exchange Public Folder stores must be retained until backups are complete.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r2
EX13-MB-000130 - The Exchange Public Folder database must not be overwritten by a restore.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r2
EX13-MB-000135 - Exchange Mailboxes must be retained until backups are complete.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r2
EX13-MB-000140 - The Exchange Mailbox database must not be overwritten by a restore.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r2