1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - host | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3.6 Ensure 'aaa authentication telnet console' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.6.3 - NIS - remove NIS markers from password and group files - '/etc/group does not include NIS + entries' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.11 Use authorization plugin | CIS Docker 1.13.0 v1.0.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
2.13 Set 'Allow access to voicemail without requiring a PIN' to 'False' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication - 'srvcon_auth = server' | CIS IBM DB2 OS L2 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.7 Ensure 'DBA_USERS.PASSWORD' Is Not Set to 'EXTERNAL' for Any User | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
4.3 Use Active Directory for local user authentication - Enabled = 'true' | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
4.3 Use Active Directory for local user authentication - Review Domain | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
4.4 Use Active Directory for local user authentication - Review Domain | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.3 Verify No Legacy '+' Entries Exist in /etc/shadow File | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.4 Verify No Legacy '+' Entries Exist in /etc/group File | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.4 Verify No Legacy "+" Entries Exist in /etc/group File | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
Allow using the deprecated U2F Security Key API (obsolete) | MSCT Edge v107 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Disable Login to Other User's Active and Locked Sessions | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
BSI-100-2: S 5.18: Use of the NIS security mechanisms: The file /etc/bootparams must not contain the entry +::0:0::: | BSI-100-2 Red Hat Linux 2005 | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Root Login | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - server | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - server | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - tacacs accounting | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
ESXi : enable-ad-auth | VMWare vSphere 6.5 Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
FireEye - AAA is enabled | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
FireEye - AAA tries local authentication first | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
Huawei: User Interfaces are Authenticated | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - Authentication Order | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - Authentication Order | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - Server IP | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - Server IP | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
PCI 2.2.4 - Verify that common security parameter settings are included - NIS - '/etc/passwd does not include NIS + entries' | PCI DSS 2.0/3.0 - AIX | Unix | IDENTIFICATION AND AUTHENTICATION |
PCI 2.2.4 Verify common security parameter settings - Verify No Legacy '+' entries exist in '/etc/passwd' | PCI DSS 2.0/3.0 - Red Hat Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
RADIUS and TACACS+ authorization and accounting - authorization commands access-level | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
RADIUS and TACACS+ authorization and accounting - authorization commands auto | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Restrict Unauthenticated RPC clients | MSCT Windows Server 2022 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Restrict Unauthenticated RPC clients | MSCT Windows 10 v21H1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Salesforce.com : AuthConfig - No SSO Auth Providers have been configured | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
Salesforce.com : Monitoring Login History - 'Inactive users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |