| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.2 (L1) Ensure multifactor authentication is enabled for all users | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.9 (L1) Ensure a managed device is required for authentication | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.9 (L1) Ensure a managed device is required for authentication | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.10 (L1) Ensure a managed device is required to register security information | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.10 (L1) Ensure a managed device is required to register security information | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.11 (L1) Ensure sign-in frequency for Intune Enrollment is set to 'Every time' | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.11 (L1) Ensure sign-in frequency for Intune Enrollment is set to 'Every time' | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.4 (L1) Ensure all member users are 'MFA capable' | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.4 (L1) Ensure all member users are 'MFA capable' | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.5 (L1) Ensure weak authentication methods are disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.5 (L1) Ensure weak authentication methods are disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.6 (L1) Ensure system-preferred multifactor authentication is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.3.6 (L1) Ensure system-preferred multifactor authentication is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 6.1.3 Ensure that 'Allow users to remember multifactor authentication on devices they trust' is disabled | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 6.5 Ensure that 'Number of methods required to reset' is set to '2' | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT)' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Password Authentication for SSH | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
