| 1.1.3.8.1 Set 'Microsoft network server: Disconnect clients when logon hours expire' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.22 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.22 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.30 Ensure that the API Server only makes use of Strong Cryptographic Ciphers | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.2.2 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS XR 7.x v1.0.1 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS XE 17.x v2.2.1 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.2.4.2.1.15 Set 'Configure use of smart cards on fixed data drives' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.4.2.2.15 Set 'Require additional authentication at startup' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.4 Ensure MFA is enabled for the 'root' user account | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | IDENTIFICATION AND AUTHENTICATION |
| 1.5 Ensure hardware MFA is enabled for the 'root' user account | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | IDENTIFICATION AND AUTHENTICATION |
| 1.5.8 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | CIS Cisco IOS XR 7.x v1.0.1 L2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.5.9 Set 'priv' for each 'snmp-server group' using SNMPv3 | CIS Cisco IOS XE 17.x v2.2.1 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | CIS Cisco IOS XE 17.x v2.2.1 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.8.5 Ensure users must authenticate users using MFA via a graphical user logon | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.10 Ensure required packages for multifactor authentication are installed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.4 Ensure telnet client is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.4 Ensure telnet client is not installed | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.4 Ensure telnet client is not installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.6.1.5 Ensure SSH PermitEmptyPasswords is disabled | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.6.1.6 Configuring SSH - disallow host based authentication | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.1.1 Ensure only MFA enabled identities can access privileged Virtual Machine | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure valid public keys are installed | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 16 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 15 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 10 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 11 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctly | CIS PostgreSQL 12 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.1 (L1) Ensure multifactor authentication is enabled for all users in administrative roles | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.1 (L1) Ensure multifactor authentication is enabled for all users in administrative roles | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.3 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 13 OS v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3 Ensure login via "local" UNIX Domain Socket is configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.6.1 Ensure the operating system uses multifactor authentication for local access to accounts | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.6.3 Ensure the certificate of the user or group is mapped to the corresponding user or group in the "sssd.conf" file | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.9 Ensure multifactor authentication for access to privileged accounts | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.7 Ensure multi-factor authentication is enable for users | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.6.13 Ensure SSH Key Authentication is not set for User Logins | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - key-exchange restriction | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.12 Ensure Only Suite B Based Key Signing Algorithms are set for SSH - ECDSA Key | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.1 Ensure REST is Not Set to HTTP | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.2 Ensure REST is Set to HTTPS | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.4 Ensure REST HTTPS is Set to use Mutual Authentication | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.6 Ensure REST HTTPS Cipher List is Set to Suite B Only | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 18.9.59.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.59.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
