1.1.3 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users - List Users | CIS Microsoft Azure Foundations v2.0.0 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.1.3 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users - Role Assignments | CIS Microsoft Azure Foundations v2.0.0 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.2 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts | CIS Google Cloud Platform v2.0.0 L1 | GCP | IDENTIFICATION AND AUTHENTICATION |
1.3 Ensure that Security Key Enforcement is Enabled for All Admin Accounts | CIS Google Cloud Platform v2.0.0 L2 | GCP | IDENTIFICATION AND AUTHENTICATION |
1.4.3.6 Ensure 'aaa authentication telnet console' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.10 Ensure required packages for multifactor authentication are installed - pam_pkcs11 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
1.22 Ensure that 'Require Multi-Factor Authentication to register or join devices with Azure AD' is set to 'Yes' | CIS Microsoft Azure Foundations v2.0.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 6 L1 OS Linux v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 6 L1 OS Windows v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 L1 OS Windows v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.11 Use authorization plugin | CIS Docker 1.13.0 v1.0.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
2.13 Set 'Allow access to voicemail without requiring a PIN' to 'False' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication - 'srvcon_auth = server' | CIS IBM DB2 OS L2 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.7 Ensure 'DBA_USERS.PASSWORD' Is Not Set to 'EXTERNAL' for Any User | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
4.3 Use Active Directory for local user authentication - Review Domain | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
5.1.11 Ensure SSH PermitEmptyPasswords is disabled | CIS Google Container-Optimized OS L1 Server v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.2.2.2 Ensure multifactor authentication is enabled for all users | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2022 v2.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2019 DC L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2019 MS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' - Enabled | CIS Microsoft Windows Server 2022 v2.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Allow using the deprecated U2F Security Key API (obsolete) | MSCT Edge v107 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Password Authentication for SSH | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Centralized authentication - server | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - server | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - tacacs accounting | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Huawei: User Interfaces are Authenticated | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
RADIUS and TACACS+ authorization and accounting - authorization commands access-level | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
RADIUS and TACACS+ authorization and accounting - authorization commands auto | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Restrict Unauthenticated RPC clients | MSCT Windows Server 2022 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |