Skip to content
ATO Pathways
  Log In

CCI-004910

Provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.

Logo
1

Rule

Severity: Medium
Keystore file must be protected.
Logo
1

Rule

Severity: Medium
The ALG must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The application server must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The Central Log Server must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
2

Rule

Severity: High
The Cisco router must only store cryptographic representations of passwords.
Logo
2

Rule

Severity: High
The Cisco switch must only store cryptographic representations of passwords.
Logo
1

Rule

Severity: Medium
The container platform must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The DBMS must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The DNS server implementation must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The operating system must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
IBM z/OS must use ICSF or SAF Key Rings for key management.
Logo
1

Rule

Severity: Medium
IBM z/OS for PKI-based authentication must use ICSF or the ESM to store keys.
Logo
1

Rule

Severity: Medium
IBM z/OS, for PKI-based authentication, must use the ICSF or ESM for key management.
Logo
1

Rule

Severity: Medium
The Mainframe Product must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The network device must be configured to provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
2

Rule

Severity: Medium
Splunk Enterprise must only allow the use of DOD-approved certificate authorities for cryptographic functions.
Logo
1

Rule

Severity: Medium
The VMM must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Logo
1

Rule

Severity: Medium
The web server must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules