CCI|CCI-002448

Title

The organization distributes asymmetric cryptographic keys using: NSA-approved key management technology and processes; approved PKI Class 3 certificates or prepositioned keying material; or approved PKI Class 3 or Class 4 certificates and hardware security tokens that protect the user's private key.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are providedUnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are providedUnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookiesUnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000890 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookiesUnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
CNTR-K8-002620 - Kubernetes API Server must disable basic authentication to protect information in transit.UnixDISA STIG Kubernetes v1r11
CNTR-K8-002630 - Kubernetes API Server must disable token authentication to protect information in transit.UnixDISA STIG Kubernetes v1r11
CNTR-K8-002640 - Kubernetes endpoints must use approved organizational certificate and key pair to protect information in transit.UnixDISA STIG Kubernetes v1r11