| 1.1.3.8.1 Set 'Microsoft network server: Disconnect clients when logon hours expire' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.21 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.22 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.30 Ensure that the API Server only makes use of Strong Cryptographic Ciphers | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1.1 Ensure 'SECURE_CONTROL_' Is Set In 'listener.ora' | CIS Oracle Server 12c Linux v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1.14 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure valid public keys are installed | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 11 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd - + entries exist in /etc/passwd | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.5 Ensure no legacy '+' entries exist in /etc/group - + entries exist in /etc/group | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.5 Ensure that multifactor authentication is required for risky sign-ins | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.8.28.2 (L1) Ensure 'Do not enumerate connected users on domain-joined computers' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.15.2 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.56.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.56.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection | MSCT Windows 11 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection | MSCT Windows Server 2022 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Always prompt for password upon connection - fPromptForPassword | MSCT Windows Server 2025 MS v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003030 The macOS system must allow smart card authentication. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Configure Login Window to Prompt for Username and Password | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Configure Login Window to Prompt for Username and Password | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Configure Login Window to Prompt for Username and Password | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Configure Login Window to Prompt for Username and Password | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Configure Login Window to Prompt for Username and Password | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure Login Window to Prompt for Username and Password | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010500 - The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication. | DISA Oracle Linux 7 STIG v3r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020250 - OL 8 must implement multifactor authentication for access to interactive accounts. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Time synchronization - ntp authentication | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-612010 - Ubuntu 22.04 LTS must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN12-PK-000008-DC - Active directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), PIV-compliant hardware token, or Alternate Logon Token (ALT) for user authentication. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000310 - Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
