Detections
Analytics

CSCv7|18.5

Title

Use Only Standardized and Extensively Reviewed Encryption Algorithms

Description

Use only standardized and extensively reviewed encryption algorithms.

Reference Item Details

Category: Application Software Security

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.1.3 Ensure 'Master Key Passphrase' is setCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.1.3 Ensure 'Master Key Passphrase' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.1.3 Ensure 'Master Key Passphrase' is setCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.1.3 Ensure 'Master Key Passphrase' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.5.6 Ensure NIST FIPS-validated cryptography is configured - enabledUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.5.6 Ensure NIST FIPS-validated cryptography is configured - grubUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.5.6 Ensure NIST FIPS-validated cryptography is configured - installedUnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.5.9 Ensure NIST FIPS-validated cryptography is configured - etcUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - procUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.9 Ensure NIST FIPS-validated cryptography is configured - rpmUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3CiscoCIS Cisco IOS XE 16.x v2.1.0 L2
1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3CiscoCIS Cisco IOS XE 17.x v2.1.0 L2
1.8.3 Set SSH Key Modulus LengthCiscoCIS Cisco NX-OS L2 v1.1.0
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'CiscoCIS Cisco IOS XE 16.x v2.1.0 L1
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'CiscoCIS Cisco IOS XE 17.x v2.1.0 L1
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'WindowsCIS Microsoft Windows Server 2016 STIG v2.0.0 L1 MS
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 MS
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'WindowsCIS Microsoft Windows Server 2016 STIG v2.0.0 L1 DC
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'WindowsCIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'WindowsCIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS
2.10 Ensure Only Approved Ciphers are UsedMySQLDBCIS MySQL 5.6 Community Database L2 v2.0.0
2.10 Ensure Only Approved Ciphers are UsedMySQLDBCIS MySQL 5.6 Enterprise Database L2 v2.0.0
2.10 Limit Accepted Transport Layer Security (TLS) VersionsUnixCIS MariaDB 10.6 on Linux L2 v1.0.0
2.10 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MariaDB 10.6 Database L2 v1.0.0
2.10 Limit Accepted Transport Layer Security (TLS) VersionsUnixCIS MariaDB 10.6 on Linux L2 v1.1.0
2.10 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MariaDB 10.6 Database L2 v1.1.0
2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured CorrectlyMySQLDBCIS MySQL 8.0 Community Database L2 v1.0.0
2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured CorrectlyMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.3.0
2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured CorrectlyMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.2.1
2.12 Ensure Only Approved Ciphers are UsedMySQLDBCIS MariaDB 10.6 Database L2 v1.1.0
2.12 Ensure Only Approved Ciphers are UsedUnixCIS MariaDB 10.6 on Linux L2 v1.1.0
2.12 Ensure Only Approved Ciphers are UsedMySQLDBCIS MariaDB 10.6 Database L2 v1.0.0
2.12 Ensure Only Approved Ciphers are UsedUnixCIS MariaDB 10.6 on Linux L2 v1.0.0
2.12 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MySQL 5.7 Community Database L2 v2.0.0
2.12 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MySQL 5.7 Enterprise Database L2 v2.0.0
2.14 Ensure Only Approved Ciphers are Used - ssl_cipherMySQLDBCIS MySQL 5.7 Community Database L2 v2.0.0
2.14 Ensure Only Approved Ciphers are Used - ssl_cipherMySQLDBCIS MySQL 5.7 Enterprise Database L2 v2.0.0
2.14 Ensure Only Approved Ciphers are Used - tls_ciphersuitesMySQLDBCIS MySQL 5.7 Community Database L2 v2.0.0
2.15 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.3.0
2.15 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.2.1
2.15 Limit Accepted Transport Layer Security (TLS) VersionsMySQLDBCIS MySQL 8.0 Community Database L2 v1.0.0
2.17 Ensure Only Approved Ciphers are UsedMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.3.0
2.17 Ensure Only Approved Ciphers are UsedMySQLDBCIS MySQL 8.0 Community Database L2 v1.0.0
2.17 Ensure Only Approved Ciphers are Used - ssl_cipherMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.2.1
2.17 Ensure Only Approved Ciphers are Used - tls_ciphersuitesMySQLDBCIS MySQL 8.0 Enterprise Database L2 v1.2.1