Nist stig list. Licensing: Not provided.

Nist stig list The Keyboard, Video, and Mouse (KVM) Checklist provides the technical security policies, requirements, and implementation details for applying security concepts to KVM and A/B This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. Defense Information Systems Agency; Target: Nov 20, 2017 · Checklist Summary: . , z/OS RACF, z/OS ACF2, or z/OS TSS). DOD Instruction 8500. Below are tools which can be used to view the STIGs and a Whitepaper describing the STIG Viewing processes. Target Operational Environment: Managed; Specialized Security-Limited Functionality (SSLF) Testing Information: Dec 3, 2019 · This STIG has been developed to enhance the confidentiality, integrity, and availability of sensitive DoD Automated Information Systems (AIS). This document is meant for use in conjunction with other STIGs, such as the Windows Defender Antivirus STIG, Microsoft Edge STIG, MS OneDrive STIG, and appropriate operating Jan 8, 2025 · Across various industries including the Department of Defense (DoD), federal service agencies, financial institutions, healthcare and other highly regulated organizations, the National Institute of Standards and Technologies (NIST) 800-53 security framework, is used to describe security compliance. Enhance Your Security Compliance Oct 28, 2022 · Checklist Summary: . 2, Technologies, in NIST SP 1800-19B lists the products that we used and maps them to the cybersecurity controls provided by this reference solution. Feb 6, 2025 · The Microsoft Office System 2016 STIG must also be applied when any Office 2016 package is installed. TThe F5 BIG-IP 11. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. Therefore, these STIG settings are required for all Windows DNS implementations. The Windows Server 2022 STIG includes requirements for both domain controllers and member servers/standalone systems. This document is meant for use in conjunction with other STIGs, such as the Windows Defender Antivirus STIG, Microsoft Edge STIG, MS OneDrive STIG, and appropriate operating Dec 12, 2024 · The scope of this STIG covers only the Corporate Owned Personally Enabled (COPE) and Corporate Owned Business Only (COBO)1 use cases. , iOS 17 or iPadOS 17). Nov 4, 2024 · The Red Hat Enterprise Linux 8 (RHEL 8) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of the Department of Defense (DoD) information systems. Feb 5, 2024 · The IBM zSecure Suite Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DOD) information systems. g. It is a standard catalog of security controls for protecting organizations’ operations, assets May 25, 2018 · Download SCAP 1. Each site network/communications infrastructure must provide secure, available, and reliable data for all customers. The first part provides steps to secure infrastructure baseline components such as operating systems, switches, access points, firewalls, and enterprise services and resources that are applicable to all builds. The GPOs provided contain most applicable GPO STIG settings contained in STIG files. 0 Virtual Machine STIG. 4 - Microsoft Windows Defender Firewall with Advanced Security STIG - Ver 2, Rel 2. 01 All technical NIST SP 800-53 requirements were considered while developing this STIG. S. Jan 29, 2025 · DoD Instruction (DoDI) 8500. Integrated. Feb 19, 2024 · Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The Google Android 9. RHEL 8 utilizes GRUB 2 as the default bootloader. pdf file and reading it. government repository. Sep 13, 2024 · Security Technical Implementation Guides (STIGs) that provides a methodology for standardized secure installation and maintenance of DOD IA and IA-enabled devices and systems. Find publicly available security checklists for various operating systems and applications from the U. Change History: Oct 6, 2022 · This document is meant for use in conjunction with other applicable STIGs including such topics as Active Directory Domain, Active Directory Forest, and Domain Name Service (DNS). CCI allows a security requirement that is expressed in a high-level policy framework to be decomposed and explicitly associated with the low-level security setting (s) that must be assessed to determine compliance with the objectives of that specific security control. 5 Server and Site Security Technical Implementation Guides (STIGs) and should be used to improve the security posture of a Department of Defense (DoD) web server and its associated websites. Aug 8, 2024 · The scope of this STIG covers only the Corporate Owned Personally Enabled (COPE) and Corporate Owned Business Only (COBO)1 use cases. The DNS Server service has greatly enhanced support for DNSSEC in Windows Server DNS. As such, getting to the content of a XCCDF formatted STIG to read and understand the content is not as easy as opening a . x Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to F5 BIG-IP device and modules. Download SCAP 1. The Samsung SDS Enterprise Mobility Management (EMM) Security Technical Implementation Guide (STIG) provides security policy and configuration requirements for the use of the EMM Server platform to provide administrative management of Mobile Operating System (MOS) devices in the Department of Defense (DoD). Those without a Common Access Card (CAC) that has DoD Certificates can obtain the STIG from https://public. Dec 20, 2024 · Intune is considered an endpoint management service and provides both mobile device management (MDM) and mobile application management (MAM) services. Author: Defense Information Systems Agency; Download SCAP 1. 2 Full Control List. Aug 9, 2024 · The scope of this STIG covers only the Corporate Owned Personally Enabled (COPE) and Corporate Owned Business Only (COBO)1 use cases. May 1, 2019 · A core mission for the Defense Information Systems Agency (DISA) Field Security Operations(FSO) is to secure Department of Defense (DoD) instant messaging systems. Checklist Role: Active Directory Server Feb 5, 2024 · The IBM zSecure Suite Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DOD) information systems. Jun 1, 2023 · FIPS 140-2 modules can remain active for up to five years after validation or until September 21, 2026, when the FIPS 140-2 validations will be moved to the historical list. cyber. Target Operational Environment: Managed; Specialized Security-Limited Functionality (SSLF) Testing Information: Dec 4, 2024 · Home DOD 8500 NIST 800-53 STIGS DISA STIG Library Compliance Tools About Toggle Theme The application server must prohibit or restrict the use of nonsecure ports, protocols, modules, and/or services as defined in the PPSM CAL and vulnerability assessments. Comments or proposed revisions to this document should be sent via email to the following address: disa. doc or . Aug 29, 2022 · The Microsoft Windows 11 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Nov 5, 2024 · The Microsoft Azure SQL Database Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DOD) information systems. mil. Nov 5, 2024 · The Oracle Database 12c Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. This document is meant for use in conjunction with other applicable STIGs, such as, but not limited to, Browsers, Antivirus, and other desktop applications. Checklist Role: Mar 3, 2025 · The Red Hat Enterprise Linux 7 (RHEL7) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of the Department of Defense (DoD) information systems. This document is meant for use in conjunction with other STIGs, such as the Windows Defender Antivirus STIG, Microsoft Edge STIG, MS OneDrive STIG, and appropriate operating May 25, 2018 · Download SCAP 1. Management of Apple iOS/iPadOS and Android are not in scope for this STIG. Core application: Any application integrated into Google Android 13 by Google. This document is meant for use in conjunction with the Enclave, Network Infrastructure, Secure Remote Computing, and appropriate Operating System (OS) STIGs. 0 vCenter STIG. The process can be a little confusing and trying. 01. The items addressed in the STIG are not specific to an iOS/iPadOS hardware type/model; rather, they are tied to the version of the operating system running on the iPhone or iPad (e. Oct 29, 2021 · Checklist Summary: . x Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Google Android devices running Android Pie (9) that process, store, or transmit unclassified data marked as “Controlled Unclassified Information (CUI)” or below. 0 STIGs: • VMware vSphere 7. Jan 30, 2025 · Checklist Summary: . • VMware vSphere 7. Aug 13, 2024 · The scope of this STIG covers only the Corporate Owned Personally Enabled (COPE) and Corporate Owned Business Only (COBO)1 use cases. 2 Content - Mozilla Firefox Windows STIG Benchmark - Ver 6, Rel 5. 0 ESXi STIG. 2 Content - Mozilla Firefox Linux STIG Benchmark - Ver 6, Rel 4. , iOS 16 or iPadOS 16). Aug 21, 2024 · The Microsoft Windows 11 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Feb 27, 2025 · This site contains the latest copies of STIGs, SRGs, and other related security information. This section documents how to secure the zero trust technology environments in this project’s builds. The processes andprocedures outlined in this Security Technica l Information Guide (STIG), when applied, will decrease the risk of unauthorized disclosure of sensitive information. Jan 29, 2025 · The following comprise the VMware vSphere 8. Click on a control to view detailed The Windows 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Toggle Theme. 0 vCenter Appliance Lookup Service STIG. x Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DOD) information systems. Dec 30, 2024 · Checklist Summary: . 1. Sponsor: Not provided. A report marked Controlled Unclassified Information (CUI) will be available for items that did not meet requirements. 32. Contains all requirements that have been flagged as applicable for the product which have been selected on a DoD baseline. mil/. Sep 16, 2024 · Checklist Summary: . Defense Information Systems Agency Nov 25, 2024 · This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. Jun 10, 2024 · The Active Directory (AD) Domain Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Dec 6, 2017 · disa. This document is meant to be used in conjunction with the Red Hat Enterprise Linux (OS) STIG, Network STIG, and other STIGs as applicable to the database host environment. The PostgreSQL 9. 17 release will remain on Cyber Exchange for now, but the STIG-SRG Applicability Guide has been removed from Cyber Exchange because it has been fully incorporated into the new STIG Viewer 3 application. x Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments, suggestions, and success stories will improve subsequent versions of this guide. Comprehensive searching, filtering, and viewing of STIGs integrated with NIST SP 800-53 standards. ) • Rules for monitoring privileged accounts • Rules for user account restrictions on IT resources (functions restricted to only privileged account users on IT resources) • Requirements related to Jul 14, 2021 · Home DOD 8500 NIST 800-53 STIGS DISA STIG Library Compliance Tools About Toggle Theme Information Assurance - KVM or A/B Switch not listed on the NIAP U. 4 - Mozilla Firefox STIG - Ver 6, Rel 5 Jan 29, 2025 · The following comprise the VMware vSphere 7. May 1, 2019 · This Keyboard, Video, and Mouse (KVM) Overview is published as part of the Sharing Peripherals across the Network (SPAN) Security Technical Implementation Guide (STIG). The Google Android 12 Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Google Android devices running Android 12 that process, store, or transmit unclassified data marked as “Controlled Unclassified Information (CUI)” or below. security technical implementation guide (STIG) Based on Department of Defense (DoD) policy and security controls. Oct 14, 2019 · There was not a good automated way to relate the NIST families and controls to DISA STIG checklists The Problem: Relating STIGs and CCIs to NIST Families and Controls When you have a system that needs to be authorized on DoD networks, you have to follow the high level process outlined just above in the diagram shown at a high level. The AD Domain STIG provides further guidance for secure configuration of Microsoft's AD implementation. 5 and SP 800-53B: spreadsheets for the Control Catalog and Control Baselines. Aug 7, 2024 · The Crunchy Data PostgreSQL Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Jan 23, 2024 · All technical NIST SP 800-53 requirements were considered while developing this STIG. Jan 26, 2021 · New supplemental materials are available for SP 800-53 Rev. This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. 3 Content - Solaris 11 x86 STIG Benchmark - Ver 3, Rel 2. • VMware vSphere 8. A report marked Controlled Unclassified Information (CUI) will be available for those items that did not meet requirements. Apr 6, 2023 · The Nutanix Acropolis Operating System (AOS) 5. Requirements that are applicable and configurable will be included in the final STIG. Dec 12, 2024 · This site contains the latest copies of STIGs, SRGs, and other related security information. The IIS 10. Jul 25, 2023 · This document is meant for use in conjunction with other STIGs such as the Enclave, Network Infrastructure, Secure Remote Computing, and appropriate operating system (OS) STIGs. The requirements were developed from the General Purpose Operating System Security Requirements Guide (GPOS SRG). Jun 13, 2022 · FIPS 140-2 modules can remain active for up to five years after validation or until September 21, 2026, when the FIPS 140-2 validations will be moved to the historical list. Aug 15, 2024 · Checklist Summary: . Checklist Role: Active Directory Server The Windows 10 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Nov 5, 2024 · NIST SP 800-81 rev 2, “Secure Domain Name System (DNS) Deployment Guide,” has also been a resource in the development of this STIG. Implementation guide geared to a specific product and version. 5 Overview is a published document to provide an overview of the IIS 8. stig_spt@mail. Aug 22, 2024 · This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. Note: The scope of this version of the Intune STIG is for Windows and macOS endpoint devices only. Jan 20, 2022 · All technical NIST SP 800-53 requirements were considered while developing this STIG. Oct 25, 2024 · The Juniper EX STIG comprises the following individual STIGs: • Juniper EX Network Device Management (NDM) STIG • Juniper EX Layer 2 (L2) Switch STIG • Juniper EX Router STIG The Juniper EX switches use the Junos operating system (OS), which provides a policy framework that is a collection of Junos OS policies that allows a user to Dec 23, 2024 · Checklist Summary: . Some system applications can compromise DOD data or upload users Jan 30, 2025 · The Oracle Database 12c Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Government Approved Protection Products Compliance List (PCL) for Peripheral Sharing Switches Oct 14, 2019 · There was not a good automated way to relate the NIST families and controls to DISA STIG checklists The Problem: Relating STIGs and CCIs to NIST Families and Controls When you have a system that needs to be authorized on DoD networks, you have to follow the high level process outlined just above in the diagram shown at a high level. This package contains ADMX template files, GPO backup exports, GPO reports, and WMI filter exports and STIG Checklist files. Aug 1, 2022 · Checklist Summary: . Author: Defense Information Systems Agency; Supporting Resources: Download Standalone XCCDF 1. Note that GRUB 2 command-line parameters are May 14, 2024 · The protection of Controlled Unclassified Information (CUI) is of paramount importance to federal agencies and can directly impact the ability of the Federal Government to successfully conduct its essential missions and functions. 2 Content: Download SCAP 1. 0 and should be used to improve the security posture of a Department of Defense (DoD) web server and its associated websites. Jan 29, 2025 · All technical NIST SP 800-53 requirements were considered while developing this STIG. All technical NIST SP 800-53 requirements were considered while developing this STIG. x on Red Hat Enterprise Linux Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Feb 3, 2025 · The Microsoft Windows 11 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The MongoDB Enterprise Advanced 7. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. 3 Content - Solaris 11 SPARC STIG Benchmark - Ver 3, Rel 2. Preinstalled application: Additional noncore applications included in the Google Android 13 build by Google or the wireless carrier. The Fortinet FortiGate is a next-generation firewall (NGFW), providing security-driven networking and consolidating security capabilities, such as; intrusion prevention Nov 6, 2024 · This site contains the latest copies of STIGs, SRGs, and other related security information. Checklist Summary: . Dec 4, 2024 · Checklist Summary: . Mar 19, 2018 · NIST maintains the National Checklist Repository, which is a publicly available resource that contains information on a variety of security configuration checklists for specific IT products or categories of IT products. 34. 0 vCenter Appliance EAM Service STIG. A NIST Cybersecurity Practice Guide does not describe “the” solution, but a possible solution. . Mar 11, 2025 · This site contains the Security Technical Implementation Guides and Security Requirements Guides for the Department of Defense (DOD) information technology systems as mandated by DODI 8500. 0 Server Security Technical Implementation Guide (STIG) provides direction on performing an assessment of a server being used in a web server role using IIS 10. This publication provides federal agencies with recommended security requirements for protecting the confidentiality of CUI when the information is resident in STIG Spider. The requirements were developed from Federal and DoD consensus, as well as the Windows 7 Security Guide and security templates published by Microsoft Corporation. A security configuration checklist (also called a lockdown, hardening guide, or benchmark) is a series of instructions or Jan 29, 2025 · All technical NIST SP 800-53 requirements were considered while developing this STIG. Author: Defense Information Systems Agency; SCAP 1. This document provides technical security policies, requirements, and implementation details for applying security concepts to the Microsoft Azure SQL Database Oct 29, 2024 · This site contains the latest copies of STIGs, SRGs, and other related security information. Government Approved Protection Products Compliance List (PCL) for Peripheral Sharing Switches The administrator must fully test GPOs in test environments prior to live production deployments. Dec 4, 2024 · The system application disable list controls user access to/execution of all core and preinstalled applications. 0 VAMI STIG. 0 Content - Windows XP STIG Benchmark Version 6, Release 1. STIG Viewer 3 integrates the capabilities of two previous DISA tools: STIG Viewer 2 and the STIG-SRG Applicability Guide. Jan 28, 2019 · This document is meant for use in conjunction with other applicable STIGs including such topics as Active Directory Domain, Active Directory Forest, and Domain Name Service (DNS). Even on the historical list, CMVP supports the purchase and use of these modules for existing systems. This Internet Information Services (IIS) 8. 0 STIGs: • VMware vSphere 8. Section 4. Oct 25, 2024 · Checklist Summary: . Licensing: Not provided. Target Operational Environment: Managed; Specialized Security-Limited Functionality (SSLF) Testing Information: Nov 5, 2024 · The Active Directory (AD) Domain Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. 2 Content - Sunset - Solaris 11 SPARC STIG Benchmark - Ver 2, Rel 4 Aug 7, 2024 · The following topics are not in scope for this STIG: • Rules for setting up and managing privileged accounts (roles, least privilege, etc. The STIG Viewer 2. 20. Change History: Version 7, Release 1 - 28 October 2011 Updated "Point of Contact" - 07 January 2015 Moved to Archive status - 12/06/2017 Dependency/Requirements: Mar 16, 2020 · This STIG has been developed to enhance the confidentiality, integrity, and availability of sensitive DoD Automated Information Systems (AIS). , iOS 15 or iPadOS 15). Included in this release are updated guidance documents (HTML, PDF, XLS, XCCDF) for the NIST SP 800-53r5 Low, Moderate, and High, BSI indigo, DISA STIG, DISA STIG BYOAD, CIS iOS/iPadOS Benchmarks Level 1 and 2 (BYOD and Enterprise), and CIS Critical Security Controls Version 8 baselines for iOS/iPadOS 17. Jul 25, 2023 · All technical NIST SP 800-53 requirements were considered while developing this STIG. 2 Content - Microsoft Windows Defender Firewall with Advanced Security STIG Benchmark - Ver 2, Rel 3. A report marked For Official Use Only (FOUO) will be available for those items that did not meet requirements. The Windows Server 2016 STIG includes requirements for both domain controllers and member servers/standalone systems. 0 vCenter Appliance Envoy Service STIG. The Windows 10 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Point of Contact: disa. 0 vCenter Appliance EAM STIG. Microsoft Windows Server DNS – This STIG will be used for all Windows DNS servers, whether they are Active Directory (AD)- integrated, authoritative file-backed DNS zones, a hybrid of both, or a recursive caching server. The Cisco Adaptive Security Appliance (ASA) Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Cisco ASA devices such as the ASA 5500 series and the 5500-X series with FirePOWER Services. This document is meant for use in conjunction with other STIGs, such as the appropriate operating system STIGs (i. This document is meant for use in conjunction with other STIGs, such as the Enclave, Network Infrastructure, and Secure Remote Computing STIGs. This guidance bridges the gap between the National Institute of Standards and Technology Special Publication 800-53 and risk management framework (RMF). Apr 15, 2019 · Download SCAP 1. Jan 30, 2025 · The Red Hat Enterprise Linux 8 (RHEL 8) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of the Department of Defense (DoD) information systems. The F5 BIG-IP Security Technical Implementation Guide (STIG) provides security policy and technical configuration requirements for deploying the appliance in the Department of Defense (DOD) networking environment. , iOS 18 or iPadOS 18). Those without a Common Access Card (CAC) that has DOD Certificates can obtain the STIG from https://public. Search by checklist type, authority, target, order, content type, tool compatibility and keyword. 4 - Windows XP STIG - Version 6, Release 1. e. Jul 14, 2021 · Home DOD 8500 NIST 800-53 STIGS DISA STIG Library Compliance Tools About Toggle Theme Information Assurance - KVM or A/B Switch not listed on the NIAP U. Dec 4, 2024 · This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. Home DOD 8500 NIST 800-53 STIGS DISA STIG Library Compliance Tools About. oapjw xfsau epfjaq yduxarygt qrzj tbfzi odazhz fsz nydf gsge ujyxc rhkljj ifyv fzxas lzmbe