1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - host | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.08 Listener password - 'Use OS Authentication' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.08 Listener password - 'Use OS Authentication' | CIS v1.1.0 Oracle 11g OS L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.11 Use authorization plugin | CIS Docker 1.12.0 v1.0.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
2.11 Use authorization plugin | CIS Docker 1.11.0 v1.0.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
2.13 Set 'Allow access to voicemail without requiring a PIN' to 'False' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
4.4 Use Active Directory for local user authentication - Enabled = 'true' | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.4 Ensure no legacy '+' entries exist in /etc/group | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.4 Ensure no legacy '+' entries exist in /etc/group | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
9.4 Verify No Legacy '+' Entries Exist in passwd, shadow, and group Files - Check for passwd | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.2 Verify No Legacy "+" Entries Exist in /etc/passwd File | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.3 Verify No Legacy "+" Entries Exist in /etc/shadow File | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
Allow using the deprecated U2F Security Key API (deprecated) | MSCT Edge v98 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - configuration | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - configuration | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - tacacs authorization | ArubaOS CX 10.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
ESXi : enable-ad-auth | VMWare vSphere 6.0 Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
ESXi : enable-ad-auth | VMWare vSphere 5.X Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
Huawei: Enable AAA accounting | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
Huawei: Enable AAA authentication | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
Huawei: Enable AAA authorization | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
IBM i : Remote Sign-On Control (QRMTSIGN) - '*REJECT' | IBM iSeries Security Reference v5r4 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
IBM i : Remote Sign-On Control (QRMTSIGN) - '*REJECT' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
IBM i : Remote Sign-On Control (QRMTSIGN) - '*REJECT' | IBM System i Security Reference for V7R3 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
IBM i : Remote Sign-On Control (QRMTSIGN) - '*REJECT' | IBM System i Security Reference for V7R2 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
RADIUS and TACACS+ authorization and accounting - accounting commands | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
RADIUS and TACACS+ authorization and accounting - accounting exec | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Restrict Unauthenticated RPC clients | MSCT Windows 11 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Server-supplied privilege level | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |