STIGhub
STIGs
RMF Controls
Compare
← All Controls
SC-23 (5)
System and Communications Protection
Rev 5
Session Authenticity
CCI Identifiers (2)
CCI-002469
Defines the certificate authorities allowed to be used for verification of the establishment of protected sessions.
CCI-002470
Only allow the use of organization-defined certificate authorities for verification of the establishment of protected sessions.
Linked STIG Checks (147)
Across 116 STIGs. Click to expand.
▶
A10 Networks ADC ALG Security Technical Implementation Guide
1 check
▶
Adobe Acrobat Professional DC Continuous Track Security Technical Implementation Guide
2 checks
▶
Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide
2 checks
▶
Adobe ColdFusion Security Technical Implementation Guide
1 check
▶
Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide
1 check
▶
Amazon Linux 2023 Security Technical Implementation Guide
1 check
▶
Anduril NixOS Security Technical Implementation Guide
1 check
▶
Apache Server 2.4 UNIX Server Security Technical Implementation Guide
1 check
▶
Apache Server 2.4 UNIX Site Security Technical Implementation Guide
1 check
▶
Apache Server 2.4 Windows Server Security Technical Implementation Guide
1 check
▶
Apache Tomcat Application Server 9 Security Technical Implementation Guide
1 check
▶
Apple macOS 12 (Monterey) Security Technical Implementation Guide
1 check
▶
Apple macOS 13 (Ventura) Security Technical Implementation Guide
1 check
▶
Apple macOS 14 (Sonoma) Security Technical Implementation Guide
1 check
▶
Apple macOS 15 (Sequoia) Security Technical Implementation Guide
2 checks
▶
Apple macOS 26 (Tahoe) Security Technical Implementation Guide
2 checks
▶
Application Layer Gateway Security Requirements Guide
1 check
▶
Application Security and Development Security Technical Implementation Guide
1 check
▶
Application Server Security Requirements Guide
1 check
▶
ArcGIS for Server 10.3 Security Technical Implementation Guide
1 check
▶
Arctic Wolf CylanceON-PREM Security Technical Implementation Guide
1 check
▶
AvePoint Compliance Guardian Security Technical Implementation Guide
1 check
▶
AvePoint DocAve 6 Security Technical Implementation Guide
1 check
▶
Axonius Federal Systems Ax-OS Security Technical Implementation Guide
1 check
▶
BlackBerry Enterprise Mobility Server 2.x Security Technical Implementation Guide
1 check
▶
BlackBerry Enterprise Mobility Server 3.x Security Technical Implementation Guide
1 check
▶
CA API Gateway ALG Security Technical Implementation Guide
1 check
▶
Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide
1 check
▶
Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide
1 check
▶
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
1 check
▶
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
1 check
▶
Central Log Server Security Requirements Guide
1 check
▶
Citrix Virtual Apps and Desktop 7.x Linux Virtual Delivery Agent Security Technical Implementation Guide
1 check
▶
Citrix XenDesktop 7.x Receiver Security Technical Implementation Guide
1 check
▶
Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
1 check
▶
Crunchy Data Postgres 16 Security Technical Implementation Guide
1 check
▶
Crunchy Data PostgreSQL Security Technical Implementation Guide
1 check
▶
Database Security Requirements Guide
1 check
▶
Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide
2 checks
▶
Domain Name System (DNS) Security Requirements Guide
1 check
▶
Dragos Platform 2.x Security Technical Implementation Guide
1 check
▶
EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide
1 check
▶
EDB Postgres Advanced Server v9.6 Security Technical Implementation Guide
1 check
▶
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
1 check
▶
EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide
1 check
▶
F5 BIG-IP Access Policy Manager Security Technical Implementation Guide
1 check
▶
F5 BIG-IP Local Traffic Manager Security Technical Implementation Guide
1 check
▶
F5 BIG-IP TMOS ALG Security Technical Implementation Guide
1 check
▶
F5 NGINX Security Technical Implementation Guide
1 check
▶
General Purpose Operating System Security Requirements Guide
1 check
▶
HPE 3PAR StoreServ 3.3.x Security Technical Implementation Guide
5 checks
▶
IBM AIX 7.x Security Technical Implementation Guide
1 check
▶
IBM DataPower ALG Security Technical Implementation Guide
1 check
▶
IBM DB2 V10.5 LUW Security Technical Implementation Guide
1 check
▶
IBM MQ Appliance V9.0 AS Security Technical Implementation Guide
1 check
▶
IBM WebSphere Liberty Server Security Technical Implementation Guide
1 check
▶
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
1 check
▶
IBM z/OS ACF2 Security Technical Implementation Guide
1 check
▶
IBM z/OS RACF Security Technical Implementation Guide
1 check
▶
IBM z/OS TSS Security Technical Implementation Guide
1 check
▶
ISEC7 Sphere Security Technical Implementation Guide
1 check
▶
Ivanti EPMM Server Security Technical Implementation Guide
1 check
▶
Ivanti MobileIron Core MDM Server Security Technical Implementation Guide
1 check
▶
Ivanti MobileIron Sentry 9.x ALG Security Technical Implementation Guide
1 check
▶
Ivanti Sentry 9.x ALG Security Technical Implementation Guide
1 check
▶
JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide
1 check
▶
Juniper SRX Services Gateway VPN Security Technical Implementation Guide
1 check
▶
Juniper SRX SG VPN Security Technical Implementation Guide
1 check
▶
MariaDB Enterprise 10.x Security Technical Implementation Guide
1 check
▶
MarkLogic Server v9 Security Technical Implementation Guide
1 check
▶
Microsoft IIS 10.0 Site Security Technical Implementation Guide
2 checks
▶
Microsoft Windows 10 Security Technical Implementation Guide
3 checks
▶
Microsoft Windows 11 Security Technical Implementation Guide
2 checks
▶
Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide
1 check
▶
Microsoft Windows Server 2016 Security Technical Implementation Guide
2 checks
▶
Microsoft Windows Server 2019 Security Technical Implementation Guide
3 checks
▶
Microsoft Windows Server 2022 Security Technical Implementation Guide
3 checks
▶
Microsoft Windows Server 2025 Security Technical Implementation Guide
3 checks
▶
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
1 check
▶
MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide
1 check
▶
MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide
1 check
▶
MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide
1 check
▶
MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide
1 check
▶
Nutanix Acropolis Application Server Security Technical Implementation Guide
1 check
▶
Nutanix AOS 5.20.x Application Security Technical Implementation Guide
1 check
▶
Okta Identity as a Service (IDaaS) Security Technical Implementation Guide
1 check
▶
Oracle HTTP Server 12.1.3 Security Technical Implementation Guide
6 checks
▶
Oracle Linux 9 Security Technical Implementation Guide
1 check
▶
Oracle MySQL 8.0 Security Technical Implementation Guide
1 check
▶
Palo Alto Networks ALG Security Technical Implementation Guide
1 check
▶
PostgreSQL 9.x Security Technical Implementation Guide
1 check
▶
Redis Enterprise 6.x Security Technical Implementation Guide
1 check
▶
SPEC Innovations Innoslate 4.x Security Technical Implementation Guide
1 check
▶
Splunk Enterprise 7.x for Windows Security Technical Implementation Guide
1 check
▶
Splunk Enterprise 8.x for Linux Security Technical Implementation Guide
1 check
▶
Symantec Edge SWG ALG Security Technical Implementation Guide
1 check
▶
Symantec ProxySG ALG Security Technical Implementation Guide
1 check
▶
Tanium 7.0 Security Technical Implementation Guide
1 check
▶
Tanium 7.3 Security Technical Implementation Guide
1 check
▶
Tanium 7.x Application on TanOS Security Technical Implementation Guide
1 check
▶
Tanium 7.x Security Technical Implementation Guide
1 check
▶
Trend Micro Deep Security 9.x Security Technical Implementation Guide
1 check
▶
Unified Endpoint Management Agent Security Requirements Guide
2 checks
▶
Unified Endpoint Management Server Security Requirements Guide
6 checks
▶
Virtual Machine Manager Security Requirements Guide
1 check
▶
Virtual Private Network (VPN) Security Requirements Guide
1 check
▶
VMware Automation 7.x Application Security Technical Implementation Guide
1 check
▶
VMware Horizon 7.13 Connection Server Security Technical Implementation Guide
1 check
▶
VMware vRealize Operations Manager 6.x Application Security Technical Implementation Guide
1 check
▶
VMware vSphere 7.0 vCenter Security Technical Implementation Guide
1 check
▶
VMware vSphere 8.0 vCenter Security Technical Implementation Guide
1 check
▶
Web Server Security Requirements Guide
1 check
▶
Xylok Security Suite 20.x Security Technical Implementation Guide
1 check
▶
zOS WebSphere MQ for ACF2 Security Technical Implementation Guide
1 check
▶
zOS WebSphere MQ for RACF Security Technical Implementation Guide
1 check
▶
zOS WebSphere MQ for TSS Security Technical Implementation Guide
1 check