CCI|CCI-002422

Title

The information system maintains the confidentiality and/or integrity of information during reception.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
5.3.1 Ensure SSH is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.2 Ensure SSH is runningUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AOSX-13-000035 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - OpenSSH versionUnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD currently runningUnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD service disabledUnixDISA STIG Apple Mac OSX 10.14 v2r6
APPL-11-000011 - The macOS system must disable the SSHD service.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-000011 - The macOS system must disable the SSHD service.UnixDISA STIG Apple macOS 11 v1r6
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngineWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Catalina - Enable SSH for Remote Access SessionsUnixNIST macOS Catalina v1.5.0 - All Profiles
DB2X-00-009200 - DB2 must maintain the confidentiality and integrity of information during reception.UnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-009200 - DB2 must maintain the confidentiality and integrity of information during reception.WindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DKER-EE-001050 - TCP socket binding for all Docker Engine - Enterprise nodes in a Universal Control Plane (UCP) cluster must be disabled.UnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
EP11-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1
IISW-SI-000249 - The IIS 8.5 website must maintain the confidentiality and integrity of information during preparation for transmission and during reception.WindowsDISA IIS 8.5 Site v2r5
MD3X-00-000770 - MongoDB must maintain the confidentiality and integrity of information during reception - PEMKeyFileUnixDISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS
MD4X-00-006100 - MongoDB must maintain the confidentiality and integrity of information during reception.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS
OH12-1X-000331 - OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000332 - OHS must have the SSLFIPS directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLEngineUnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLProtocolUnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000333 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception - SSLWalletUnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000334 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000335 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the SSLSecureProxy directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000336 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WLSSLWallet directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OH12-1X-000337 - If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLProxySSL directive enabled to maintain the confidentiality and integrity of information during reception.UnixDISA STIG Oracle HTTP Server 12.1.3 v2r1
OL07-00-040300 - The Oracle Linux operating system must be configured so that all networked systems have SSH installed.UnixDISA Oracle Linux 7 STIG v2r7
OL08-00-040159 - All OL 8 networked systems must have SSH installed.UnixDISA Oracle Linux 8 STIG v1r2
OL08-00-040160 - All OL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.UnixDISA Oracle Linux 8 STIG v1r2
PGS9-00-003000 - PostgreSQL must maintain the confidentiality and integrity of information during reception.UnixDISA STIG PostgreSQL 9.x on RHEL OS v2r2
PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r3
PPS9-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception.UnixEDB PostgreSQL Advanced Server OS Linux Audit v2r1
RHEL-07-040300 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed.UnixDISA Red Hat Enterprise Linux 7 STIG v3r7
RHEL-07-040310 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission.UnixDISA Red Hat Enterprise Linux 7 STIG v3r7
SLES-12-030100 - All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - activeUnixDISA SLES 12 STIG v2r6
SLES-12-030100 - All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.UnixDISA SLES 12 STIG v2r6
SLES-15-010530 - All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - activeUnixDISA SLES 15 STIG v1r6
SLES-15-010530 - All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.UnixDISA SLES 15 STIG v1r6
UBTU-16-030420 - All networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission - installedUnixDISA STIG Ubuntu 16.04 LTS v2r3