The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures.

An XCCDF Rule

Details
Profiles

Description

FIPS 140-2 is the current standard for validating cryptographic modules, and NSA Type-X (where X=1, 2, 3, 4) products are NSA-certified hardware based encryption modules.

ID: SV-220003r987791_rule
Version: SOL-11.1-060060
Severity: Medium
References: CCI-002450
Updated: about 2 months ago

Remediation Templates

The Crypto Management profile is required to execute this command.

This action applies to the global zone only. Determine the zone that you are currently securing.

# zonename
If the command output is "global", this action applies.

Enable FIPS-140 mode.

# pfexec cryptoadm enable fips-140

Reboot the system as requested.

The operating system must employ FIPS-validate or NSA-approved cryptography to implement digital signatures.

Description

Remediation Templates

A Manual Procedure