1.1.3 Configure AAA Authentication - Local SSH keys | CIS Cisco NX-OS L1 v1.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS 17 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.2.6 Ensure Multifactor Authentication is Required for Windows Azure Service Management API | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.2.7 Ensure Multifactor Authentication is Required to access Microsoft Admin Portals | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.4.3 Configure SNMPv3 - engineID | CIS Cisco NX-OS L2 v1.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3 Configure SNMPv3 - group v3 | CIS Cisco NX-OS L2 v1.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3 Configure SNMPv3 - group v3 | CIS Cisco NX-OS L1 v1.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.5.9 Set 'priv' for each 'snmp-server group' using SNMPv3 | CIS Cisco IOS 17 L2 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.5.9 Set 'priv' for each 'snmp-server group' using SNMPv3 | CIS Cisco IOS 16 L2 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | CIS Cisco IOS 17 L2 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1 Ensure 'SECURE_CONTROL_' Is Set In 'listener.ora' | CIS Oracle Server 18c Linux v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.1.1 Ensure 'SECURE_CONTROL_' Is Set In 'listener.ora' | CIS Oracle Server 18c Windows v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.1 Set the 'hostname' | CIS Cisco IOS 17 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.2 Set the 'ip domain-name' | CIS Cisco IOS 17 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS 17 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.4 Set 'seconds' for 'ip ssh timeout' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.2.2 Ensure rsh client is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2.4 Ensure telnet client is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2.4 Ensure telnet client is not installed | CIS Debian Family Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.6.1.6 Configuring SSH - disallow host based authentication | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 15 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctly | CIS PostgreSQL 14 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctly | CIS PostgreSQL 12 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.2.2.5 Ensure 'Phishing-resistant MFA strength' is required for Administrators | CIS Microsoft 365 Foundations E3 L2 v3.0.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.2.3.1 Ensure Microsoft Authenticator is configured to protect against MFA fatigue | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.3.9 Ensure multifactor authentication for access to privileged accounts | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.6.13 Ensure SSH Key Authentication is not set for User Logins | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.2 Ensure SSH is Restricted to Version 2 | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.3 Ensure SSH Connection Limit is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.6 Ensure Strong Ciphers are set for SSH | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - ciphers restriction | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - weak ciphers | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.9 Ensure Strong Key Exchange Methods are set for SSH | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - key-exchange restriction | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.12 Ensure Only Suite B Based Key Signing Algorithms are set for SSH - ECDSA Key | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.2.3 Ensure Web-Management is Set to use PKI Certificate for HTTPS | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.2.5 Ensure Session Limited is Set for Web-Management | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.3.1 Ensure XNM-Clear-Text Service is Not Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.5.1 Ensure REST is Not Set to HTTP | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.5.3 Ensure REST is Set to use PKI Certificate for HTTPS | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.5.4 Ensure REST HTTPS is Set to use Mutual Authentication | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.5.5 Ensure REST HTTPS Cipher List is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v2.0.0 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v2.0.0 L2 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
SNMP: Use SNMPv3 only | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |