CCI|CCI-002470

Title

Only allow the use of organization-defined certificate authorities for verification of the establishment of protected sessions.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.17 IBMW-LS-000500UnixCIS IBM WebSphere Liberty Server STIG v1.0.0 CAT II
1.25 VCSA-80-000195VMwareCIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.51 APPL-14-001060UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.51 APPL-26-001060UnixCIS Apple macOS 26 Tahoe STIG v1.0.0 CAT II
1.70 AZLX-23-001310UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.71 MADB-10-008500UnixCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II Unix
1.102 UBTU-24-600060UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.109 UBTU-22-631010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.116 APPL-14-003001UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.116 APPL-26-003001UnixCIS Apple macOS 26 Tahoe STIG v1.0.0 CAT II
1.182 WN10-PK-000005WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.184 WN10-PK-000015WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.185 WN10-PK-000020WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.203 WN16-PK-000010WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.203 WN16-PK-000010WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.205 WN16-PK-000030WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.205 WN16-PK-000030WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.205 WN19-PK-000010WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.205 WN19-PK-000010WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.205 WN22-PK-000010WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.205 WN22-PK-000010WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.206 WN19-PK-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.206 WN19-PK-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.206 WN22-PK-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.206 WN22-PK-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.207 WN19-PK-000030WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.207 WN19-PK-000030WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.207 WN22-PK-000030WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.207 WN22-PK-000030WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.319 ALMA-09-041270UnixCIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.448 OL09-00-900140UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
AADC-CL-000990 - Adobe Acrobat Pro DC Classic periodic downloading of Adobe European certificates must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CL-001320 - Adobe Acrobat Pro DC Classic Periodic downloading of Adobe certificates must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CN-000990 - Adobe Acrobat Pro DC Continuous periodic downloading of Adobe European certificates must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
AADC-CN-001320 - Adobe Acrobat Pro DC Continuous Periodic downloading of Adobe certificates must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
ADBP-XI-000990 - Adobe Acrobat Pro XI periodic downloading of Adobe European certificates must be disabled.WindowsDISA Adobe Acrobat Pro XI STIG v1r2
ADBP-XI-001320 - Adobe Acrobat Pro XI Periodic downloading of Adobe certificates must be disabled.WindowsDISA Adobe Acrobat Pro XI STIG v1r2
AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.UnixDISA IBM AIX 7.x STIG v3r2
ALMA-09-041270 - AlmaLinux OS 9 must only allow the use of DOD PKI-established certificate authorities for authentication in the establishment of protected sessions to the operating system.UnixDISA Cloud Linux AlmaLinux OS 9 STIG v1r6
APPL-14-001060 - The macOS system must set smart card certificate trust to moderate.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-14-003001 - The macOS system must issue or obtain public key certificates from an approved service provider.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-001060 - The macOS system must set smart card certificate trust to moderate.UnixDISA Apple macOS 15 Sequoia STIG v1r7
APPL-15-003001 - The macOS system must issue or obtain public key certificates from an approved service provider.UnixDISA Apple macOS 15 Sequoia STIG v1r7
APPL-26-001060 - The macOS system must set smart card certificate trust to moderate.UnixDISA Apple macOS 26 Tahoe STIG v1r2
APPL-26-003001 - The macOS system must issue or obtain public key certificates from an approved service provider.UnixDISA Apple macOS 26 Tahoe STIG v1r2
ARDC-CL-000330 - Adobe Reader DC must disable periodical uploading of European certificates.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000335 - Adobe Reader DC must disable periodical uploading of Adobe certificates.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000330 - Adobe Reader DC must disable periodical uploading of European certificates.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000335 - Adobe Reader DC must disable periodical uploading of Adobe certificates.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessionsUnixDISA STIG Apache Server 2.4 Unix Server v3r2 Middleware