| AZLX-23-001195 | V1R3 | Amazon Linux 2023 must have the crypto-policies package installed. | Amazon Linux 2023 |
| AZLX-23-001285 | V1R3 | Amazon Linux 2023 crypto policy must not be overridden. | Amazon Linux 2023 |
| AZLX-23-001270 | V1R3 | Amazon Linux 2023 must implement a FIPS 140-2/140-3 compliant systemwide cryptographic policy. | Amazon Linux 2023 |
| ALMA-09-039290 | V1R6 | AlmaLinux 9 cryptographic policy must not be overridden. | AlmaLinux OS 9 |
| ALMA-09-039840 | V1R6 | AlmaLinux OS 9 must have the crypto-policies package installed. | AlmaLinux OS 9 |
| ALMA-09-040060 | V1R6 | AlmaLinux OS 9 must implement a FIPS 140-3-compliant systemwide cryptographic policy. | AlmaLinux OS 9 |
| OL08-00-010180 | V2R8 | OL 8 must have the crypto-policies package installed. | Oracle Linux 8 |
| OL08-00-010181 | V2R8 | OL 8 must implement a FIPS 140-3-compliant systemwide cryptographic policy. | Oracle Linux 8 |
| OL08-00-010183 | V2R8 | OL 8 cryptographic policy must not be overridden. | Oracle Linux 8 |
| OL09-00-000240 | V1R5 | OL 9 must have the crypto-policies package installed. | Oracle Linux 9 |
| OL09-00-000241 | V1R5 | OL 9 must implement a FIPS 140-3 compliant systemwide cryptographic policy. | Oracle Linux 9 |
| OL09-00-000242 | V1R5 | OL 9 must not allow the cryptographic policy to be overridden. | Oracle Linux 9 |
| RHEL-10-300000 | V1R1 | RHEL 10 must have the "crypto-policies" package installed. | Red Hat Enterprise Linux 10 |
| RHEL-10-300090 | V1R1 | RHEL 10 cryptographic policy must not be overridden. | Red Hat Enterprise Linux 10 |
| RHEL-08-010270 | V2R7 | RHEL 8 cryptographic policy must not be overridden. | Red Hat Enterprise Linux 8 |
| RHEL-08-010015 | V2R7 | RHEL 8 must have the crypto-policies package installed. | Red Hat Enterprise Linux 8 |
| RHEL-09-215100 | V2R8 | RHEL 9 must have the crypto-policies package installed. | Red Hat Enterprise Linux 9 |
| RHEL-09-672020 | V2R8 | RHEL 9 cryptographic policy must not be overridden. | Red Hat Enterprise Linux 9 |
| RHEL-09-215105 | V2R8 | RHEL 9 must implement a FIPS 140-3-compliant systemwide cryptographic policy. | Red Hat Enterprise Linux 9 |
| SLES-15-010510 | V2R7 | FIPS 140-2 mode must be enabled on the SUSE operating system. | SUSE Linux Enterprise 15 |
| UBTU-20-010442 | V2R3 | The Ubuntu operating system must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | Ubuntu 20.04 |
| UBTU-22-671010 | V2R8 | Ubuntu 22.04 LTS must implement NIST FIPS-validated cryptography to protect classified information and for the following: To provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | Ubuntu 22.04 |
| UBTU-22-432011 | V2R8 | Ubuntu 22.04 LTS must require users to provide a password for privilege escalation. | Ubuntu 22.04 |
| UBTU-22-654224 | V2R8 | The operating system must restrict privilege elevation to authorized personnel. | Ubuntu 22.04 |
| UBTU-22-654041 | V2R8 | Ubuntu 22.04 LTS must audit any script or executable called by cron as root or by any privileged user. | Ubuntu 22.04 |
| UBTU-22-254010 | V2R8 | Ubuntu 22.04 LTS must have the "SSSD" package installed. | Ubuntu 22.04 |
| UBTU-22-254030 | V2R8 | Ubuntu 22.04 LTS must map the authenticated identity to the user or group account for PKI-based authentication. | Ubuntu 22.04 |
| UBTU-22-254015 | V2R8 | Ubuntu 22.04 LTS must use the "SSSD" package for multifactor authentication services. | Ubuntu 22.04 |
| UBTU-22-254020 | V2R8 | Ubuntu 22.04 LTS must ensure SSSD performs certificate path validation, including revocation checking, against a trusted anchor for PKI-based authentication. | Ubuntu 22.04 |
| WN16-DC-000140 | V2R9 | Separate, NSA-approved (Type 1) cryptography must be used to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | Microsoft Windows Server 2016 |
| WN19-DC-000140 | V3R8 | Windows Server 2019 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | Microsoft Windows Server 2019 |
| WN22-DC-000140 | V2R8 | Windows Server 2022 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | Microsoft Windows Server 2022 |
| WN25-DC-000140 | V1R1 | Windows Server 2025 must use separate, NSA-approved (Type 1) cryptography to protect the directory data in transit for directory service implementations at a classified confidentiality level when replication data traverses a network cleared to a lower level than the data. | Microsoft Windows Server 2025 |