This is not the latest version of the STIG. This is provided for archival purposes.

The operating system must provide protected storage for cryptographic keys with organization-defined safeguards and/or a hardware-protected key store.

STIG ID: SRG-OS-000780-GPOS-00240 | SRG: SRG-OS-000780 | Severity: medium (CAT II) | CCI: CCI-004910 | Vulnerability Id: V-263660

Vulnerability Discussion

A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.

Check

Verify the operating system is configured to provide protected storage for cryptographic keys with organization-defined safeguards and/or a hardware-protected key store.

If the operating system is not configured to provide protected storage for cryptographic keys with organization-defined safeguards and/or a hardware-protected key store, this is a finding.

Fix

Configure the operating system to provide protected storage for cryptographic keys with organization-defined safeguards and/or a hardware-protected key store.