| ALMA-09-042700 | V1R4 | All AlmaLinux OS 9 networked systems must have the OpenSSH client installed. | AlmaLinux OS 9 |
| APPL-14-002062 | V2R4 | The macOS system must disable Bluetooth when no approved device is connected. | macOS 14 - Sonoma |
| APPL-15-002062 | V1R5 | The macOS system must disable Bluetooth when no approved device is connected. | macOS 15 - Sequoia |
| OL07-00-040300 | V3R3 | The Oracle Linux operating system must be configured so that all networked systems have SSH installed. | Oracle Linux 7 |
| OL07-00-040310 | V3R3 | The Oracle Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | Oracle Linux 7 |
| OL08-00-040159 | V2R6 | All OL 8 networked systems must have SSH installed. | Oracle Linux 8 |
| OL08-00-040160 | V2R6 | All OL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | Oracle Linux 8 |
| OL09-00-000250 | V1R3 | OL 9 networked systems must have SSH installed. | Oracle Linux 9 |
| OL09-00-000251 | V1R3 | OL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | Oracle Linux 9 |
| OL09-00-002342 | V1R3 | OL 9 must force a frequent session key renegotiation for SSH connections to the server. | Oracle Linux 9 |
| OL09-00-002421 | V1R3 | OL 9 must implement DOD-approved encryption in the bind package. | Oracle Linux 9 |
| RHEL-07-040300 | V3R9 | The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed. | Red Hat Enterprise Linux 7 |
| RHEL-07-040310 | V3R9 | The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | Red Hat Enterprise Linux 7 |
| RHEL-08-040160 | V2R5 | All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | Red Hat Enterprise Linux 8 |
| RHEL-08-040159 | V2R5 | All RHEL 8 networked systems must have SSH installed. | Red Hat Enterprise Linux 8 |
| RHEL-09-255010 | V2R6 | All RHEL 9 networked systems must have SSH installed. | Red Hat Enterprise Linux 9 |
| RHEL-09-255015 | V2R6 | All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | Red Hat Enterprise Linux 9 |
| RHEL-09-255090 | V2R6 | RHEL 9 must force a frequent session key renegotiation for SSH connections to the server. | Red Hat Enterprise Linux 9 |
| RHEL-09-672050 | V2R6 | RHEL 9 must implement DOD-approved encryption in the bind package. | Red Hat Enterprise Linux 9 |
| SLES-12-030100 | V3R2 | All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | SUSE Linux Enterprise 12 |
| SLES-15-010530 | V2R4 | All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | SUSE Linux Enterprise 15 |
| TOSS-04-010280 | V2R3 | All TOSS networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | Tri-Lab Operating System Stack |
| UBTU-18-010420 | V2R15 | The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution System (PDS). | Ubuntu 18.04 |
| UBTU-20-010042 | V2R3 | The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information. | Ubuntu 20.04 |
| UBTU-22-255010 | V2R6 | Ubuntu 22.04 LTS must have SSH installed. | Ubuntu 22.04 |
| UBTU-22-255015 | V2R6 | Ubuntu 22.04 LTS must use SSH to protect the confidentiality and integrity of transmitted information. | Ubuntu 22.04 |
| UBTU-24-100800 | V1R1 | Ubuntu 24.04 LTS must have SSH installed. | Ubuntu 24.04 |
| UBTU-24-100810 | V1R1 | Ubuntu 24.04 LTS must use SSH to protect the confidentiality and integrity of transmitted information. | Ubuntu 24.04 |
| WN10-SO-000035 | V3R4 | Outgoing secure channel traffic must be encrypted or signed. | Microsoft Windows 10 |
| WN10-SO-000040 | V3R4 | Outgoing secure channel traffic must be encrypted when possible. | Microsoft Windows 10 |
| WN10-SO-000045 | V3R4 | Outgoing secure channel traffic must be signed when possible. | Microsoft Windows 10 |
| WN10-SO-000060 | V3R4 | The system must be configured to require a strong session key. | Microsoft Windows 10 |
| WN10-SO-000100 | V3R4 | The Windows SMB client must be configured to always perform SMB packet signing. | Microsoft Windows 10 |
| WN10-SO-000120 | V3R4 | The Windows SMB server must be configured to always perform SMB packet signing. | Microsoft Windows 10 |
| WN11-SO-000035 | V2R5 | Outgoing secure channel traffic must be encrypted or signed. | Microsoft Windows 11 |
| WN11-SO-000040 | V2R5 | Outgoing secure channel traffic must be encrypted. | Microsoft Windows 11 |
| WN11-SO-000045 | V2R5 | Outgoing secure channel traffic must be signed. | Microsoft Windows 11 |
| WN11-SO-000060 | V2R5 | The system must be configured to require a strong session key. | Microsoft Windows 11 |
| WN11-SO-000100 | V2R5 | The Windows SMB client must be configured to always perform SMB packet signing. | Microsoft Windows 11 |
| WN11-SO-000120 | V2R5 | The Windows SMB server must be configured to always perform SMB packet signing. | Microsoft Windows 11 |
| WN16-DC-000320 | V2R9 | Domain controllers must require LDAP access signing. | Microsoft Windows Server 2016 |
| WN16-SO-000080 | V2R9 | The setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | Microsoft Windows Server 2016 |
| WN16-SO-000090 | V2R9 | The setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to enabled. | Microsoft Windows Server 2016 |
| WN16-SO-000100 | V2R9 | The setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | Microsoft Windows Server 2016 |
| WN16-SO-000130 | V2R9 | Windows Server 2016 must be configured to require a strong session key. | Microsoft Windows Server 2016 |
| WN16-SO-000190 | V2R9 | The setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | Microsoft Windows Server 2016 |
| WN16-SO-000200 | V2R9 | The setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | Microsoft Windows Server 2016 |
| WN16-SO-000230 | V2R9 | The setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | Microsoft Windows Server 2016 |
| WN16-SO-000240 | V2R9 | The setting Microsoft network server: Digitally sign communications (if client agrees) must be configured to Enabled. | Microsoft Windows Server 2016 |
| WN19-DC-000320 | V3R6 | Windows Server 2019 domain controllers must require LDAP access signing. | Microsoft Windows Server 2019 |
| WN19-SO-000060 | V3R6 | Windows Server 2019 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | Microsoft Windows Server 2019 |
| WN19-SO-000070 | V3R6 | Windows Server 2019 setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to enabled. | Microsoft Windows Server 2019 |
| WN19-SO-000080 | V3R6 | Windows Server 2019 setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | Microsoft Windows Server 2019 |
| WN19-SO-000110 | V3R6 | Windows Server 2019 must be configured to require a strong session key. | Microsoft Windows Server 2019 |
| WN19-SO-000160 | V3R6 | Windows Server 2019 setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | Microsoft Windows Server 2019 |
| WN19-SO-000170 | V3R6 | Windows Server 2019 setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | Microsoft Windows Server 2019 |
| WN19-SO-000190 | V3R6 | Windows Server 2019 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | Microsoft Windows Server 2019 |
| WN19-SO-000200 | V3R6 | Windows Server 2019 setting Microsoft network server: Digitally sign communications (if client agrees) must be configured to Enabled. | Microsoft Windows Server 2019 |
| WN22-DC-000320 | V2R6 | Windows Server 2022 domain controllers must require LDAP access signing. | Microsoft Windows Server 2022 |
| WN22-SO-000060 | V2R6 | Windows Server 2022 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | Microsoft Windows Server 2022 |
| WN22-SO-000070 | V2R6 | Windows Server 2022 setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to Enabled. | Microsoft Windows Server 2022 |
| WN22-SO-000080 | V2R6 | Windows Server 2022 setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | Microsoft Windows Server 2022 |
| WN22-SO-000110 | V2R6 | Windows Server 2022 must be configured to require a strong session key. | Microsoft Windows Server 2022 |
| WN22-SO-000160 | V2R6 | Windows Server 2022 setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | Microsoft Windows Server 2022 |
| WN22-SO-000170 | V2R6 | Windows Server 2022 setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | Microsoft Windows Server 2022 |
| WN22-SO-000190 | V2R6 | Windows Server 2022 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | Microsoft Windows Server 2022 |
| WN22-SO-000200 | V2R6 | Windows Server 2022 setting Microsoft network server: Digitally sign communications (if client agrees) must be configured to Enabled. | Microsoft Windows Server 2022 |