STIGViewer Trial workspace — loading your subscription…

NIST 800-171 v2

110 security requirements available

3.13.11Derived Requirement

System and Communications Protection

Security Requirement

Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.

Discussion

Cryptography can be employed to support many security solutions including the protection of controlled unclassified information, the provision of digital signatures, and the enforcement of information separation when authorized individuals have the necessary clearances for such information but lack the necessary formal access approvals. Cryptography can also be used to support random number generation and hash generation. Cryptographic standards include FIPS-validated cryptography and/or NSA-approved cryptography. See [NIST CRYPTO]; [NIST CAVP]; and [NIST CMVP].

Framework
NIST SP 800-171 Rev 2
Family
System and Communications Protection
Requirement Type
derived

Related Frameworks

4 paths across 2 frameworks
NIST 800-531 mapping
SC-13
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI3 mappings
CCI-002449
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002450
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004900
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

100 STIGs reach this control through 3 CCIs via 800-53 control SC-13. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

2 STIGs

Operating System — Server

23 STIGs
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-133 of 375 findings match
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-173 of 448 findings match
Show 15 more STIGs in this category →
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-191 of 103 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-191 of 216 findings match

Operating System — Mainframe

3 STIGs
Mainframe Product Security Requirements Guide
V3R42025-09-104 of 194 findings match
CA IDMS Security Technical Implementation Guide
V2R12024-09-131 of 74 findings match

Operating System — Mobile

2 STIGs

Network Device

23 STIGs
Application Layer Gateway Security Requirements Guide
V2R32025-09-157 of 160 findings match
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-225 of 41 findings match
Router Security Requirements Guide
V5R22025-09-105 of 123 findings match
Show 15 more STIGs in this category →
BIND 9.x Security Technical Implementation Guide
22024-02-151 of 70 findings match
BIND 9.x Security Technical Implementation Guide
V3R22026-02-251 of 73 findings match
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-191 of 119 findings match
F5 NGINX Security Technical Implementation Guide
V1R12026-01-071 of 32 findings match

Database

16 STIGs
Database Security Requirements Guide
V4R52026-02-264 of 142 findings match
Show 8 more STIGs in this category →

Web / Application Server

8 STIGs

Virtualization / Container

8 STIGs

Endpoint Security Management

8 STIGs

Productivity Application

4 STIGs

Uncategorized

3 STIGs