SRG-OS-000396-GPOS-00176 Controls

STIG IDVersionTitleProduct
UBTU-20-010442V1R9The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
WN22-DC-000140V2R1Windows Server 2022 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data.
UBTU-22-671010V2R1Ubuntu 22.04 LTS must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
RHEL-09-672010V2R1RHEL 9 must have the crypto-policies package installed.
RHEL-09-672020V2R1RHEL 9 crypto policy must not be overridden.
RHEL-09-672045V2R1RHEL 9 must implement a system-wide encryption policy.
OL09-00-000240V1R1OL 9 must have the crypto-policies package installed.
OL09-00-000241V1R1OL 9 must implement a FIPS 140-3 compliant system-wide cryptographic policy.
OL09-00-000242V1R1OL 9 must not allow the cryptographic policy to be overridden.
WN16-DC-000140V2R10Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data.
SLES-15-010510V1R9FIPS 140-2 mode must be enabled on the SUSE operating system.
WN19-DC-000140V2R8Windows Server 2019 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.