NIST 800-171 v2
110 security requirements available
3.13.11Derived Requirement
System and Communications Protection
Security Requirement
Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.
Discussion
Cryptography can be employed to support many security solutions including the protection of controlled unclassified information, the provision of digital signatures, and the enforcement of information separation when authorized individuals have the necessary clearances for such information but lack the necessary formal access approvals. Cryptography can also be used to support random number generation and hash generation. Cryptographic standards include FIPS-validated cryptography and/or NSA-approved cryptography. See [NIST CRYPTO]; [NIST CAVP]; and [NIST CMVP].
- Framework
- NIST SP 800-171 Rev 2
- Family
- System and Communications Protection
- Requirement Type
- derived
Related Frameworks
4 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
SC-13
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI3 mappings
CCI-002449
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002450
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004900
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
141 STIGs reach this control through 3 CCIs via 800-53 control SC-13. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Desktop
3 STIGs
Operating System — Desktop
3 STIGsMicrosoft Windows 10 Security Technical Implementation Guide
32025-02-251 of 261 findings match
M1
Microsoft Windows 11 Security Technical Implementation Guide
V2R72026-02-121 of 262 findings match
M1
Microsoft Windows 11 Security Technical Implementation Guide
22025-05-151 of 258 findings match
M1
Operating System — Server
35 STIGs
Operating System — Server
35 STIGsOracle Linux 9 Security Technical Implementation Guide
12025-05-084 of 456 findings match
H1M3
General Purpose Operating System Security Requirements Guide
V3R32025-09-223 of 203 findings match
H2M1
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-133 of 375 findings match
H3
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-173 of 448 findings match
H3
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
22025-05-143 of 450 findings match
H1M2
Red Hat Enterprise Linux 9 Security Technical Implementation Guide
V2R82026-02-053 of 446 findings match
H3
Amazon Linux 2023 Security Technical Implementation Guide
V1R32026-02-272 of 187 findings match
H2
General Purpose Operating System Security Requirements Guide
32024-12-042 of 198 findings match
H2
Show 27 more STIGs in this category →Hide additional STIGs
Microsoft Windows Server 2019 Security Technical Implementation Guide
32025-05-232 of 275 findings match
M2
Microsoft Windows Server 2019 Security Technical Implementation Guide
V3R82026-02-122 of 282 findings match
M2
Microsoft Windows Server 2022 Security Technical Implementation Guide
22025-05-152 of 275 findings match
M2
Microsoft Windows Server 2022 Security Technical Implementation Guide
V2R82026-02-132 of 282 findings match
M2
Microsoft Windows Server 2025 Security Technical Implementation Guide
V1R12026-02-202 of 284 findings match
M2
Red Hat Enterprise Linux 10 Security Technical Implementation Guide
V1R12026-03-112 of 434 findings match
H2
Red Hat Enterprise Linux 8 Security Technical Implementation Guide
V2R72026-02-052 of 366 findings match
H2
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-191 of 103 findings match
H1
Anduril NixOS Security Technical Implementation Guide
12024-10-251 of 104 findings match
H1
Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide
22025-05-161 of 172 findings match
H1
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
V2R82026-02-061 of 188 findings match
H1
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide
22025-05-161 of 187 findings match
H1
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
V1R52026-02-061 of 194 findings match
H1
Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
12025-05-161 of 194 findings match
H1
Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide
V1R62026-02-271 of 439 findings match
H1
HPE 3PAR StoreServ 3.3.x Security Technical Implementation Guide
V2R12024-08-271 of 30 findings match
M1
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
22025-02-251 of 83 findings match
M1
Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
V2R42026-02-231 of 81 findings match
M1
Solaris 11 SPARC Security Technical Implementation Guide
V3R52026-02-191 of 217 findings match
M1
Solaris 11 SPARC Security Technical Implementation Guide
32025-05-051 of 217 findings match
M1
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-191 of 216 findings match
M1
Solaris 11 X86 Security Technical Implementation Guide
32025-05-051 of 216 findings match
M1
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
V1R42026-02-101 of 208 findings match
H1
SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
12025-05-081 of 210 findings match
H1
SUSE Linux Enterprise Server 12 Security Technical Implementation Guide
32025-05-141 of 211 findings match
M1
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide
V2R72026-02-191 of 214 findings match
H1
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide
22025-05-141 of 216 findings match
H1
Operating System — Mainframe
4 STIGs
Operating System — Mainframe
4 STIGsMainframe Product Security Requirements Guide
V3R42025-09-104 of 194 findings match
M4
Mainframe Product Security Requirements Guide
32024-12-054 of 193 findings match
M4
IBM zVM Using CA VM:Secure Security Technical Implementation Guide
V2R22022-08-312 of 77 findings match
M2
CA IDMS Security Technical Implementation Guide
V2R12024-09-131 of 74 findings match
M1
Operating System — Mobile
2 STIGs
Operating System — Mobile
2 STIGsHoneywell Android 13 COBO Security Technical Implementation Guide
V1R12025-05-071 of 32 findings match
H1
Honeywell Android 13 COPE Security Technical Implementation Guide
V1R12025-05-071 of 36 findings match
H1
Network Device
30 STIGs
Network Device
30 STIGsVirtual Private Network (VPN) Security Requirements Guide
V3R42025-09-108 of 92 findings match
H2M6
Application Layer Gateway Security Requirements Guide
V2R32025-09-157 of 160 findings match
M7
Virtual Private Network (VPN) Security Requirements Guide
32024-12-196 of 82 findings match
H2M4
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-225 of 41 findings match
H2M3
Router Security Requirements Guide
V5R22025-09-105 of 123 findings match
M5
Symantec ProxySG ALG Security Technical Implementation Guide
V1R32020-03-274 of 66 findings match
M4
Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide
V1R12017-09-153 of 33 findings match
H2M1
Application Layer Gateway Security Requirements Guide
22024-12-043 of 155 findings match
M3
Show 22 more STIGs in this category →Hide additional STIGs
IBM DataPower ALG Security Technical Implementation Guide
V1R12016-01-213 of 65 findings match
M3
Juniper SRX Services Gateway VPN Security Technical Implementation Guide
V3R22024-12-202 of 28 findings match
H1M1
Palo Alto Networks ALG Security Technical Implementation Guide
V3R42025-03-122 of 50 findings match
M2
BIND 9.x Security Technical Implementation Guide
V3R22026-02-251 of 73 findings match
M1
BIND 9.x Security Technical Implementation Guide
22024-02-151 of 70 findings match
H1
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-191 of 119 findings match
M1
Domain Name System (DNS) Security Requirements Guide
42024-07-021 of 118 findings match
M1
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
V1R32025-10-011 of 47 findings match
M1
Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide
12024-08-021 of 47 findings match
M1
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
V1R22025-12-301 of 60 findings match
H1
Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide
12024-03-111 of 61 findings match
H1
F5 BIG-IP TMOS ALG Security Technical Implementation Guide
V1R22025-06-091 of 37 findings match
H1
F5 BIG-IP TMOS VPN Security Technical Implementation Guide
V1R12024-09-091 of 12 findings match
H1
F5 NGINX Security Technical Implementation Guide
V1R12026-01-071 of 32 findings match
M1
HPE Aruba Networking AOS VPN Security Technical Implementation Guide
V1R12024-10-291 of 21 findings match
M1
HPE Aruba Networking AOS Wireless Security Technical Implementation Guide
12024-10-291 of 14 findings match
M1
HPE Aruba Networking AOS Wireless Security Technical Implementation Guide
V1R22026-02-251 of 14 findings match
M1
Infoblox 7.x DNS Security Technical Implementation Guide
22020-12-101 of 67 findings match
H1
Infoblox 8.x DNS Security Technical Implementation Guide
V1R22025-03-111 of 71 findings match
H1
Ivanti Connect Secure VPN Security Technical Implementation Guide
V2R22025-09-091 of 15 findings match
M1
Ivanti Connect Secure VPN Security Technical Implementation Guide
22024-06-101 of 15 findings match
M1
Riverbed NetIM OS Security Technical Implementation Guide
V1R12025-10-021 of 154 findings match
H1
Database
23 STIGs
Database
23 STIGsDatabase Security Requirements Guide
V4R52026-02-264 of 142 findings match
H1M3
Database Security Requirements Guide
42024-12-044 of 142 findings match
H1M3
EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide
V2R12024-08-274 of 118 findings match
M4
MariaDB Enterprise 10.x Security Technical Implementation Guide
22024-12-054 of 110 findings match
H1M3
Oracle MySQL 8.0 Security Technical Implementation Guide
V2R22024-09-044 of 100 findings match
H1M3
Redis Enterprise 6.x Security Technical Implementation Guide
V2R22024-09-044 of 71 findings match
H1M3
Crunchy Data Postgres 16 Security Technical Implementation Guide
V1R22026-02-273 of 111 findings match
H1M2
Crunchy Data Postgres 16 Security Technical Implementation Guide
12024-06-173 of 111 findings match
H1M2
Show 15 more STIGs in this category →Hide additional STIGs
Crunchy Data PostgreSQL Security Technical Implementation Guide
V3R12024-08-273 of 113 findings match
H3
MarkLogic Server v9 Security Technical Implementation Guide
V3R22024-09-043 of 80 findings match
M3
MS SQL Server 2016 Instance Security Technical Implementation Guide
32025-06-113 of 101 findings match
H2M1
IBM DB2 V10.5 LUW Security Technical Implementation Guide
V2R12023-06-111 of 93 findings match
H1
MariaDB Enterprise 10.x Security Technical Implementation Guide
V2R52026-03-021 of 107 findings match
H1
Microsoft Azure SQL Database Security Technical Implementation Guide
V2R32025-06-111 of 76 findings match
H1
Microsoft Azure SQL Managed Instance Security Technical Implementation Guide
V1R12025-10-071 of 84 findings match
H1
Microsoft SQL Server 2022 Database Security Technical Implementation Guide
V1R32026-02-251 of 23 findings match
H1
Microsoft SQL Server 2022 Database Security Technical Implementation Guide
12025-05-291 of 22 findings match
H1
MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide
V1R12024-09-271 of 50 findings match
H1
MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide
V1R12026-02-201 of 55 findings match
H1
MS SQL Server 2016 Database Security Technical Implementation Guide
V3R52026-03-091 of 23 findings match
H1
MS SQL Server 2016 Database Security Technical Implementation Guide
32025-06-111 of 28 findings match
H1
Oracle Database 19c Security Technical Implementation Guide
V1R52026-02-251 of 96 findings match
H1
Oracle Database 19c Security Technical Implementation Guide
12025-06-241 of 96 findings match
H1
Web / Application Server
14 STIGs
Web / Application Server
14 STIGsApplication Security and Development Security Technical Implementation Guide
62025-02-125 of 286 findings match
M5
Application Security and Development Security Technical Implementation Guide
V6R42025-09-095 of 286 findings match
M5
Application Server Security Requirements Guide
V4R42025-09-103 of 137 findings match
M3
Application Server Security Requirements Guide
42025-02-113 of 128 findings match
M3
Apache Tomcat Application Server 9 Security Technical Implementation Guide
V3R42026-02-251 of 79 findings match
L1
Apache Tomcat Application Server 9 Security Technical Implementation Guide
32025-02-111 of 82 findings match
L1
Application Programming Interface (API) Security Requirements Guide
V1R12025-09-241 of 65 findings match
M1
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
V2R12026-02-261 of 77 findings match
M1
Show 6 more STIGs in this category →Hide additional STIGs
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
12018-08-241 of 76 findings match
M1
JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide
V2R62025-02-201 of 67 findings match
M1
Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide
V2R42025-11-201 of 16 findings match
M1
Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide
22025-05-231 of 16 findings match
M1
Web Server Security Requirements Guide
V4R42025-09-101 of 126 findings match
M1
Web Server Security Requirements Guide
42025-02-121 of 124 findings match
M1
Virtualization / Container
10 STIGs
Virtualization / Container
10 STIGsContainer Platform Security Requirements Guide
V2R42025-09-103 of 188 findings match
H1M2
Container Platform Security Requirements Guide
22025-05-153 of 187 findings match
H1M2
Virtual Machine Manager Security Requirements Guide
V2R32025-09-103 of 198 findings match
M3
Virtual Machine Manager Security Requirements Guide
22024-12-062 of 193 findings match
M2
VMware vSphere 7.0 ESXi Security Technical Implementation Guide
V1R42025-02-111 of 75 findings match
M1
VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide
V1R42024-12-161 of 113 findings match
M1
VMware vSphere 8.0 ESXi Security Technical Implementation Guide
V2R32025-02-111 of 76 findings match
M1
VMware vSphere 8.0 ESXi Security Technical Implementation Guide
V1R12023-10-111 of 73 findings match
M1
Show 2 more STIGs in this category →Hide additional STIGs
VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide
V2R12024-07-111 of 106 findings match
H1
VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide
V1R12023-10-291 of 104 findings match
H1
Endpoint Security Management
11 STIGs
Endpoint Security Management
11 STIGsIvanti Sentry 9.x ALG Security Technical Implementation Guide
V3R12024-09-253 of 32 findings match
M3
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-202 of 34 findings match
M2
Ivanti EPMM Server Security Technical Implementation Guide
V3R12024-07-302 of 26 findings match
H2
Tanium 7.x Application on TanOS Security Technical Implementation Guide
V2R22025-02-112 of 75 findings match
M2
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-142 of 98 findings match
M2
Unified Endpoint Management Server Security Requirements Guide
22024-12-092 of 137 findings match
H2
Unified Endpoint Management Server Security Requirements Guide
V2R42025-09-102 of 138 findings match
H2
Central Log Server Security Requirements Guide
V3R42026-02-121 of 127 findings match
H1
Show 3 more STIGs in this category →Hide additional STIGs
Central Log Server Security Requirements Guide
32024-12-041 of 125 findings match
H1
Unified Endpoint Management Agent Security Requirements Guide
V2R12025-10-031 of 14 findings match
H1
Unified Endpoint Management Agent Security Requirements Guide
12020-12-141 of 14 findings match
H1
Productivity Application
6 STIGs
Productivity Application
6 STIGsAdobe Acrobat Professional DC Continuous Track Security Technical Implementation Guide
V2R12021-06-221 of 23 findings match
M1
Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide
V2R12021-06-221 of 26 findings match
M1
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
V2R82026-02-121 of 16 findings match
M1
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
22025-05-161 of 16 findings match
M1
Microsoft Office 365 ProPlus Security Technical Implementation Guide
V3R52026-02-121 of 139 findings match
M1
Microsoft Office 365 ProPlus Security Technical Implementation Guide
32025-03-051 of 138 findings match
M1
Uncategorized
3 STIGs
Uncategorized
3 STIGsMicrosoft Internet Explorer 11 Security Technical Implementation Guide
22023-12-012 of 137 findings match
M2
Microsoft SharePoint 2013 Security Technical Implementation Guide
22024-12-102 of 37 findings match
H2
Microsoft Outlook 2016 Security Technical Implementation Guide
22022-03-111 of 63 findings match
M1