V-233211
SV-233211r961863_rule
CAT II
The container platform must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
From: Container Platform Security Requirements Guide (V2R4)
Description
<VulnDiscussion>Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data and images. The container platform must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review documentation to verify that the container platform is using NSA-approved cryptography to protect classified data and applications.
If the container platform is not using NSA-approved cryptography for classified data and applications, this is a finding.
Fix Text
Configure the container platform to utilize NSA-approved cryptography to protect classified information.
CCI Reference
CCI-002450- Created
- 2026-04-07 20:08:14
- Last Updated
- 2026-04-07 20:08:14