CCI-002422
Maintain the confidentiality and/or integrity of information during reception.
The BlackBerry UEM server must connect to [assignment: [SQL Server]] with an authenticated and secure (encrypted) connection to protect the confidentiality and integrity of transmitted information.
1 rule found Severity: Medium
Citrix License Server must maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
XenDesktop License Server must maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
1 rule found Severity: High
1 rule found Severity: Medium
2 rules found Severity: High
TCP socket binding for all Docker Engine - Enterprise nodes in a Universal Control Plane (UCP) cluster must be disabled.
1 rule found Severity: Medium
DoD-approved encryption must be implemented to protect the confidentiality and integrity of remote access sessions, information during preparation for transmission, information during reception, and information during transmission in addition to enforcing replay-resistant authentication mechanisms for network access to privileged accounts.
1 rule found Severity: High
1 rule found Severity: Medium
The MQ Appliance messaging server must implement cryptography mechanisms to protect the integrity of the remote access session.
1 rule found Severity: Medium
1 rule found Severity: Medium
The WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes.
1 rule found Severity: Medium
2 rules found Severity: Medium
The ISEC7 EMM Suite must protect the confidentiality and integrity of transmitted information during preparation for transmission and during reception using cryptographic mechanisms.
1 rule found Severity: Medium
The confidentiality and integrity of information managed by SQL Server must be maintained during reception.
1 rule found Severity: Medium
1 rule found Severity: Medium
OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
OHS must have the SSLFIPS directive enabled to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the SSLSecureProxy directive enabled to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WLSSLWallet directive enabled to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLProxySSL directive enabled to maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
Innoslate must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.
1 rule found Severity: High
Any Tanium configured EMAIL RESULTS connectors must be configured to enable TLS/SSL to encrypt communications.
2 rules found Severity: Medium
The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution System (PDS).
1 rule found Severity: High
3 rules found Severity: Medium
3 rules found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission.
1 rule found Severity: Medium
The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception.
2 rules found Severity: Medium
A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
The storage used for data collection by CA IDMS Server and CA IDMS Web Services must be protected from online display and update.
1 rule found Severity: Medium
The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information.
1 rule found Severity: High
SSMC must employ strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions.
1 rule found Severity: Medium
SSMC web server must use encryption strength in accordance with the categorization of data hosted by the web server when remote connections are provided.
1 rule found Severity: High
The HPE 3PAR OS must be configured to restrict the encryption algorithms and protocols to comply with DOD-approved encryption to protect the confidentiality and integrity of remote access sessions.
1 rule found Severity: High
The WebSphere Liberty Server must use FIPS 140-2 approved encryption modules when authenticating users and processes.
1 rule found Severity: High
AIX must protect the confidentiality and integrity of transmitted information during preparation for transmission and maintain the confidentiality and integrity of information during reception and disable all non-encryption network access methods.
1 rule found Severity: Medium
The ISEC7 SPHERE must protect the confidentiality and integrity of transmitted information during preparation for transmission and during reception using cryptographic mechanisms.
1 rule found Severity: Medium
The Jamf Pro EMM server must connect to [Authentication Gateway Service (AGS)] with an authenticated and secure (encrypted) connection to protect the confidentiality and integrity of transmitted information.
1 rule found Severity: High
1 rule found Severity: Medium
Protection methods such as TLS, encrypted VPNs, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.
1 rule found Severity: Medium
1 rule found Severity: Medium
The Oracle Linux operating system must be configured so that all networked systems have SSH installed.
1 rule found Severity: Medium
Automation Controller must use encryption strength in accordance with the categorization of the management data during remote access management sessions.
1 rule found Severity: Medium
Redis Enterprise DBMS must maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
The Automation Controller NGINX web server must employ cryptographic mechanisms (TLS/DTLS/SSL) to prevent the unauthorized disclosure of information during transmission.
1 rule found Severity: High
1 rule found Severity: High
All TOSS networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: High
1 rule found Severity: Medium
The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.
1 rule found Severity: Medium
An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version.
1 rule found Severity: High
The application server must maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
1 rule found Severity: Medium
Ubuntu 22.04 LTS must use SSH to protect the confidentiality and integrity of transmitted information.
1 rule found Severity: High
All AlmaLinux OS 9 networked systems must implement SSH to protect the confidentiality and integrity of transmitted and received information, including information being prepared for transmission.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
The container platform must maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
1 rule found Severity: Medium
The operating system must maintain the confidentiality and integrity of information during reception.
1 rule found Severity: Medium
IBM z/OS SSL encryption options for the TN3270 Telnet Server must be specified properly for each statement that defines a SECUREPORT or within the TELNETGLOBALS.
2 rules found Severity: Medium
IBM z/OS SSL encryption options for the TN3270 Telnet server must be specified properly for each statement that defines a SECUREPORT or within the TELNETGLOBALS.
1 rule found Severity: Medium
1 rule found Severity: Medium
Windows Server 2019 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.
1 rule found Severity: Medium
Windows Server 2022 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.
1 rule found Severity: Medium
Rancher RKE2 must protect authenticity of communications sessions with the use of FIPS-validated 140-2 or 140-3 security requirements for cryptographic modules.
1 rule found Severity: High
All OL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
1 rule found Severity: Medium
All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
1 rule found Severity: Medium
All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
2 rules found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: High
The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.
1 rule found Severity: High
The Photon operating system must have the OpenSSL FIPS provider installed to protect the confidentiality of remote access sessions.
2 rules found Severity: High
The vCenter PostgreSQL service must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values.
1 rule found Severity: Medium
The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions.
1 rule found Severity: Medium
1 rule found Severity: Medium