STIGViewer Trial workspace — loading your subscription…

NIST 800-171 v2

110 security requirements available

3.1.13Derived Requirement

Access Control

Security Requirement

Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.

Discussion

Cryptographic standards include FIPS-validated cryptography and NSA-approved cryptography. See [NIST CRYPTO]; [NIST CAVP]; [NIST CMVP]; National Security Agency Cryptographic Standards.

Framework
NIST SP 800-171 Rev 2
Family
Access Control
Requirement Type
derived

Related Frameworks

3 paths across 2 frameworks
NIST 800-531 mapping
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI2 mappings
CCI-000068
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001453
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

156 STIGs reach this control through 25 CCIs via 800-53 control AC-17. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

5 STIGs

Operating System — Server

26 STIGs
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-1310 of 375 findings match
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-178 of 448 findings match
Show 18 more STIGs in this category →
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-066 of 283 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-193 of 103 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-192 of 216 findings match

Operating System — Mainframe

10 STIGs
IBM z/OS ACF2 Security Technical Implementation Guide
V9R82026-03-099 of 225 findings match
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-099 of 222 findings match
IBM z/OS TSS Security Technical Implementation Guide
V9R82026-03-099 of 230 findings match
Show 2 more STIGs in this category →

Operating System — Mobile

5 STIGs

Network Device

37 STIGs
Application Layer Gateway Security Requirements Guide
V2R32025-09-157 of 160 findings match
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-226 of 41 findings match
Show 29 more STIGs in this category →
SDN Controller Security Requirements Guide
22024-05-283 of 34 findings match
Cisco ISE NAC Security Technical Implementation Guide
V2R32025-12-101 of 30 findings match
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-191 of 119 findings match
F5 NGINX Security Technical Implementation Guide
V1R12026-01-071 of 32 findings match
Firewall Security Requirements Guide
V3R32025-09-221 of 35 findings match

Web / Application Server

21 STIGs
Web Server Security Requirements Guide
V4R42025-09-106 of 126 findings match
Application Server Security Requirements Guide
V4R42025-09-105 of 137 findings match
Show 13 more STIGs in this category →

Virtualization / Container

34 STIGs
Kubernetes Security Technical Implementation Guide
V2R62026-02-125 of 92 findings match
Virtual Machine Manager Security Requirements Guide
V2R32025-09-105 of 198 findings match
Container Platform Security Requirements Guide
V2R42025-09-103 of 188 findings match
Show 26 more STIGs in this category →

Cloud / Identity Service

1 STIG

Endpoint Security Management

12 STIGs

Productivity Application

4 STIGs

Uncategorized

1 STIG