| ALMA-09-042700 | V1R2 | All AlmaLinux OS 9 networked systems must have the OpenSSH client installed. | |
| APPL-14-002062 | V2R3 | The macOS system must disable Bluetooth when no approved device is connected. | |
| APPL-15-002062 | V1R3 | The macOS system must disable Bluetooth when no approved device is connected. | |
| OL07-00-040300 | V3R2 | The Oracle Linux operating system must be configured so that all networked systems have SSH installed. | |
| OL07-00-040310 | V3R2 | The Oracle Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | |
| OL08-00-040159 | V2R4 | All OL 8 networked systems must have SSH installed. | |
| OL08-00-040160 | V2R4 | All OL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | |
| OL09-00-000250 | V1R1 | OL 9 networked systems must have SSH installed. | |
| OL09-00-000251 | V1R1 | OL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | |
| OL09-00-002342 | V1R1 | OL 9 must force a frequent session key renegotiation for SSH connections to the server. | |
| OL09-00-002421 | V1R1 | OL 9 must implement DOD-approved encryption in the bind package. | |
| RHEL-07-040300 | V3R9 | The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed. | |
| RHEL-07-040310 | V3R9 | The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | |
| RHEL-08-040160 | V2R3 | All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | |
| RHEL-08-040159 | V2R3 | All RHEL 8 networked systems must have SSH installed. | |
| RHEL-09-255010 | V2R4 | All RHEL 9 networked systems must have SSH installed. | |
| RHEL-09-255015 | V2R4 | All RHEL 9 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | |
| RHEL-09-255090 | V2R4 | RHEL 9 must force a frequent session key renegotiation for SSH connections to the server. | |
| RHEL-09-672050 | V2R4 | RHEL 9 must implement DOD-approved encryption in the bind package. | |
| SLES-12-030100 | V3R2 | All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | |
| SLES-15-010530 | V2R4 | All networked SUSE operating systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission. | |
| UBTU-18-010420 | V2R15 | The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information unless otherwise protected by alternative physical safeguards, such as, at a minimum, a Protected Distribution System (PDS). | |
| UBTU-20-010042 | V2R1 | The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information. | |
| UBTU-22-255010 | V2R4 | Ubuntu 22.04 LTS must have SSH installed. | |
| UBTU-22-255015 | V2R4 | Ubuntu 22.04 LTS must use SSH to protect the confidentiality and integrity of transmitted information. | |
| UBTU-24-100800 | V1R1 | Ubuntu 24.04 LTS must have SSH installed. | |
| UBTU-24-100810 | V1R1 | Ubuntu 24.04 LTS must use SSH to protect the confidentiality and integrity of transmitted information. | |
| WN10-SO-000035 | V3R4 | Outgoing secure channel traffic must be encrypted or signed. | |
| WN10-SO-000040 | V3R4 | Outgoing secure channel traffic must be encrypted when possible. | |
| WN10-SO-000045 | V3R4 | Outgoing secure channel traffic must be signed when possible. | |
| WN10-SO-000060 | V3R4 | The system must be configured to require a strong session key. | |
| WN10-SO-000100 | V3R4 | The Windows SMB client must be configured to always perform SMB packet signing. | |
| WN10-SO-000120 | V3R4 | The Windows SMB server must be configured to always perform SMB packet signing. | |
| WN11-SO-000035 | V2R3 | Outgoing secure channel traffic must be encrypted or signed. | |
| WN11-SO-000040 | V2R3 | Outgoing secure channel traffic must be encrypted. | |
| WN11-SO-000045 | V2R3 | Outgoing secure channel traffic must be signed. | |
| WN11-SO-000060 | V2R3 | The system must be configured to require a strong session key. | |
| WN11-SO-000100 | V2R3 | The Windows SMB client must be configured to always perform SMB packet signing. | |
| WN11-SO-000120 | V2R3 | The Windows SMB server must be configured to always perform SMB packet signing. | |
| WN16-DC-000320 | V2R9 | Domain controllers must require LDAP access signing. | |
| WN16-SO-000080 | V2R9 | The setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | |
| WN16-SO-000090 | V2R9 | The setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to enabled. | |
| WN16-SO-000100 | V2R9 | The setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | |
| WN16-SO-000130 | V2R9 | Windows Server 2016 must be configured to require a strong session key. | |
| WN16-SO-000190 | V2R9 | The setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | |
| WN16-SO-000200 | V2R9 | The setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | |
| WN16-SO-000230 | V2R9 | The setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | |
| WN16-SO-000240 | V2R9 | The setting Microsoft network server: Digitally sign communications (if client agrees) must be configured to Enabled. | |
| WN19-DC-000320 | V3R4 | Windows Server 2019 domain controllers must require LDAP access signing. | |
| WN19-SO-000060 | V3R4 | Windows Server 2019 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | |
| WN19-SO-000070 | V3R4 | Windows Server 2019 setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to enabled. | |
| WN19-SO-000080 | V3R4 | Windows Server 2019 setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | |
| WN19-SO-000110 | V3R4 | Windows Server 2019 must be configured to require a strong session key. | |
| WN19-SO-000160 | V3R4 | Windows Server 2019 setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | |
| WN19-SO-000170 | V3R4 | Windows Server 2019 setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | |
| WN19-SO-000190 | V3R4 | Windows Server 2019 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | |
| WN19-SO-000200 | V3R4 | Windows Server 2019 setting Microsoft network server: Digitally sign communications (if client agrees) must be configured to Enabled. | |
| WN22-DC-000320 | V2R4 | Windows Server 2022 domain controllers must require LDAP access signing. | |
| WN22-SO-000060 | V2R4 | Windows Server 2022 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | |
| WN22-SO-000070 | V2R4 | Windows Server 2022 setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to Enabled. | |
| WN22-SO-000080 | V2R4 | Windows Server 2022 setting Domain member: Digitally sign secure channel data (when possible) must be configured to Enabled. | |
| WN22-SO-000110 | V2R4 | Windows Server 2022 must be configured to require a strong session key. | |
| WN22-SO-000160 | V2R4 | Windows Server 2022 setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | |
| WN22-SO-000170 | V2R4 | Windows Server 2022 setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | |
| WN22-SO-000190 | V2R4 | Windows Server 2022 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | |
| WN22-SO-000200 | V2R4 | Windows Server 2022 setting Microsoft network server: Digitally sign communications (if client agrees) must be configured to Enabled. | |