| SRG-APP-000439-API-001005 | V1R1 | The amount of data returned by the API must be restricted. | Security Requirements Guide - API |
| SRG-APP-000439-API-001010 | V1R1 | The API must use TLS version 1.2 at a minimum. | Security Requirements Guide - API |
| SRG-APP-000439-CTR-001080 | V2R4 | The application must protect the confidentiality and integrity of transmitted information. | Security Requirements Guide - Container Platform |
| SRG-APP-000439-DNS-000063 | V4R2 | The DNS server implementation must protect the integrity of transmitted information. | Security Requirements Guide - Domain Name Service |
| SRG-APP-000439-WSR-000151 | V4R4 | The web server must employ cryptographic mechanisms (TLS/DTLS/SSL) preventing the unauthorized disclosure of information during transmission. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000152 | V4R4 | Web server session IDs must be sent to the client using SSL/TLS. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000153 | V4R4 | Web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000154 | V4R4 | Cookies exchanged between the web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000155 | V4R4 | Cookies exchanged between the web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000156 | V4R4 | A web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000188 | V4R4 | The web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000192 | V4R4 | The web server must use HTTP/2, at a minimum. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000193 | V4R4 | The web server must disable HTTP/1.x downgrading. | Security Requirements Guide - Web Server |
| SRG-APP-000439-WSR-000196 | V4R4 | The web server must only use forward proxies that route HTTP/2 requests upstream. | Security Requirements Guide - Web Server |