| 1.1.8 Enable Azure AD Identity Protection sign-in risk policies | CIS Microsoft 365 Foundations E5 L2 v1.4.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Ensure that multi-factor authentication is enabled for all non-privileged users - List Users | CIS Microsoft Azure Foundations v1.3.1 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Ensure that multi-factor authentication is enabled for all non-privileged users - Role Assignments | CIS Microsoft Azure Foundations v1.3.1 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Ensure that multi-factor authentication is enabled for all non-privileged users - Role Definitions | CIS Microsoft Azure Foundations v1.3.1 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.3 Ensure modern authentication for Skype for Business Online is enabled | CIS Microsoft 365 Foundations E3 L1 v1.4.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.4 Ensure modern authentication for SharePoint applications is required | CIS Microsoft 365 Foundations E3 L1 v1.4.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.5 Ensure that 'Number of methods required to reset' is set to '2' | CIS Microsoft Azure Foundations v1.3.1 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 1.10 Ensure required packages for multifactor authentication are installed - pam_pkcs11 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.20 Ensure that 'Require Multi-Factor Auth to join devices' is set to 'Yes' | CIS Microsoft Azure Foundations v1.3.1 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Windows v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1.11 Ensure SSH PermitEmptyPasswords is disabled | CIS Google Container-Optimized OS L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.12 Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v1.12.0 L2 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.12 Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v1.12.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.12 Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.12 Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.12 Ensure 'Configure use of smart cards on fixed data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.13 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v1.12.0 L2 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.13 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.13 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.1.13 Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.12 Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.12 Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.12 Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.12 Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.13 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v1.12.0 L2 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.13 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.13 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.13 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.3.13 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.17.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2019 DC L1 v1.3.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.17.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2019 MS L1 v1.3.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.17.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.17.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Password Authentication for SSH | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Catalina - Disable Password Authentication for SSH | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
