CCI|CCI-002476

Title

The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.5.9 Ensure NIST FIPS-validated cryptography is configured - etcUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - procUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpmUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-002096 - AIX must encrypt user data at rest using AIX Encrypted File System (EFS) if it is required - clic.rte.kernextUnixDISA STIG AIX 7.x v2r6
AIX7-00-002096 - AIX must encrypt user data at rest using AIX Encrypted File System (EFS) if it is required - clic.rte.libUnixDISA STIG AIX 7.x v2r6
AIX7-00-002096 - AIX must encrypt user data at rest using AIX Encrypted File System (EFS) if it is required - EFS enabledUnixDISA STIG AIX 7.x v2r6
AOSX-13-000780 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple macOS 11 v1r6
APPL-12-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest.UnixDISA STIG Apple macOS 12 v1r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngineWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enforce FileVaultUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce FileVaultUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
DTOO187 - Office System - Rights managed Office Open XML files must be protected.WindowsDISA STIG Office System 2010 v1r12
DTOO187 - Rights managed Office Open XML files must be protected.WindowsDISA STIG Microsoft Office System 2013 v2r1
DTOO187 - Rights managed Office Open XML files must be protected.WindowsDISA STIG Microsoft Office System 2016 v2r2
DTOO321 - Encrypt document properties must be configured for OLE documents.WindowsDISA STIG Microsoft Office System 2016 v2r2
DTOO321 - Encrypt document properties must be configured for OLE documents.WindowsDISA STIG Microsoft Office System 2013 v2r1
DTOO321 - Office System - Encrypt document properties must be configured for OLE documents.WindowsDISA STIG Office System 2010 v1r12
EP11-00-009300 - The EDB Postgres Advanced Server must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1
IIST-SI-000242 - The IIS 10.0 private website must employ cryptographic mechanisms (TLS) and require client certificates.WindowsDISA IIS 10.0 Site v2r5
IISW-SI-000242 - The IIS 8.5 private website must employ cryptographic mechanisms (TLS) and require client certificates.WindowsDISA IIS 8.5 Site v2r5
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Enforce FileVaultUnixNIST macOS Monterey v1.0.0 - 800-171
O365-CO-000002 - Document metadata for rights managed Office Open XML files must be protected.WindowsDISA STIG Microsoft Office 365 ProPlus v2r5