V-279622

CAT II (Medium)

Nutanix OS must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.

Rule ID

SV-279622r1192573_rule

STIG

Nutanix Acropolis GPOS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-004910

Discussion

A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.

Check Content

Verify that the Nutanix OS hardware includes a hardware TPM module that is installed and loaded, using the following command.

$ sudo lsmod | grep -i tpm
tpm                    77824  1 trusted
rng_core               16384  1 tpm

If no lines are returned or if the TPM does not indicate "trusted", this is a finding.
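
The check above can be scripted so the result does not depend on reading the output by eye. The following is an added example, not part of the STIG or of Nutanix tooling; it assumes that "indicates trusted" means the `tpm` row lists `trusted` in its "Used by" column, and the function and sample names are hypothetical.

```shell
# Added example (not from the STIG): evaluate V-279622 from lsmod-format
# text on stdin, so it can be run against saved output or a live host:
#   lsmod | check_tpm_lsmod
# Assumption: "indicates trusted" means the row for module "tpm" lists
# "trusted" in its "Used by" column, as in the sample output on this page.
check_tpm_lsmod() {
    awk '
        tolower($0) ~ /tpm/ { matched = 1 }   # same filter as: grep -i tpm
        $1 == "tpm" {
            n = split($4, users, ",")          # "Used by" names are comma-separated
            for (i = 1; i <= n; i++)
                if (users[i] == "trusted") trusted = 1
        }
        END {
            if (!matched) { print "FINDING: no TPM kernel module loaded"; exit 1 }
            if (!trusted) { print "FINDING: tpm module is not used by trusted"; exit 1 }
            print "NOT A FINDING: tpm loaded and used by trusted"
        }
    '
}

# Constructed sample inputs (hypothetical names), modelled on the page's output.
sample_compliant() {
    printf '%s\n' 'Module                  Size  Used by' \
                  'tpm                    77824  1 trusted' \
                  'rng_core               16384  1 tpm'
}
sample_not_trusted() {
    printf '%s\n' 'tpm                    77824  0' \
                  'rng_core               16384  1 tpm'
}
sample_no_tpm() {
    printf '%s\n' 'ext4                  999424  2' \
                  'rng_core               16384  0'
}
```

The function exits non-zero on a finding, so it can gate a compliance job directly.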

Fix Text

A hardware TPM module is a chip built into the motherboard of the physical server. If no TPM module exists, a new physical server is required.

For AHV, if the TPM module exists but is not "trusted", then something has been modified within AHV and the system must be rebuilt from source to correct this issue.