1.1.3.8.1 Set 'Microsoft network server: Disconnect clients when logon hours expire' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
1.1.21 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
1.1.30 Ensure that the API Server only makes use of Strong Cryptographic Ciphers | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.2.2 Set 'transport input ssh' for 'line vty' connections | CIS Cisco IOS 16 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.2.4.2.1.15 Set 'Configure use of smart cards on fixed data drives' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
1.4.3 Configure SNMPv3 - engineID | CIS Cisco NX-OS L1 v1.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | CIS Cisco IOS 16 L2 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1 Ensure 'SECURE_CONTROL_' Is Set In 'listener.ora' | CIS Oracle Server 12c Windows v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.1 Set the 'hostname' | CIS Cisco IOS 16 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.2 Set the 'ip domain-name' | CIS Cisco IOS 16 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS 16 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.4 Set 'seconds' for 'ip ssh timeout' for 60 seconds or less | CIS Cisco IOS 17 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.4 Set 'seconds' for 'ip ssh timeout' for 60 seconds or less | CIS Cisco IOS 16 L1 v2.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
2.2.2 Ensure rsh client is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2.2 Ensure rsh client is not installed | CIS Debian Family Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2.2 Ensure rsh client is not installed | CIS Debian Family Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2.4 Ensure telnet client is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2.4 Ensure telnet client is not installed | CIS Debian Family Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.6.1.5 Ensure SSH PermitEmptyPasswords is disabled | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 16 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 11 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctly | CIS PostgreSQL 13 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.2.2.1 Ensure multifactor authentication is enabled for all users in administrative roles | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
6.10.1.1 Ensure SSH Service is Configured if Remote CLI is Required | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.4 Ensure SSH Rate Limit is Configured | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.8 Ensure Strong MACs are set for SSH | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - weak key-exchange | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.11 Ensure Strong Key Signing Algorithms are set for SSH | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.1.12 Ensure Only Suite B Based Key Signing Algorithms are set for SSH - DSA keys | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.2.1 Ensure Web-Management is not Set to HTTP | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.2.2 Ensure Web-Management is Set to use HTTPS | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.2.4 Ensure Idle Timeout is Set for Web-Management | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.3.4 Ensure XNM-SSL SSLv3 Support is Not Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.5.2 Ensure REST is Set to HTTPS | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
6.10.5.6 Ensure REST HTTPS Cipher List is Set to Suite B Only | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
7.8 Ensure only MFA enabled identities can access privileged Virtual Machine | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
18.9.16.1 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.65.3.9.2 Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.65.3.9.2 Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.9.2.9 Ensure 'Require additional authentication at startup' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v2.0.0 L2 + BL + NG | Windows | IDENTIFICATION AND AUTHENTICATION |