Item Search

NameAudit NamePluginCategory
1.1 Ensure that multi-factor authentication is enabled for all privileged usersCIS Microsoft Azure Foundations v1.3.1 L1microsoft_azure

IDENTIFICATION AND AUTHENTICATION

1.1.1 Ensure multifactor authentication is enabled for all users in administrative rolesCIS Microsoft 365 Foundations E3 L1 v1.4.0microsoft_azure

IDENTIFICATION AND AUTHENTICATION

1.1.3 Configure AAA Authentication - Local SSH keysCIS Cisco NX-OS L1 v1.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.1.15 Ensure Sign-in frequency is enabled and browser sessions are not persistent for Administrative users.CIS Microsoft 365 Foundations E3 L1 v1.4.0microsoft_azure

IDENTIFICATION AND AUTHENTICATION

1.1.16 Ensure the option to stay signed in is disabledCIS Microsoft 365 Foundations E3 L2 v1.4.0microsoft_azure

IDENTIFICATION AND AUTHENTICATION

1.2.2 Set 'transport input ssh' for 'line vty' connectionsCIS Cisco IOS 16 L1 v1.1.2Cisco

IDENTIFICATION AND AUTHENTICATION

1.4.3 Configure SNMPv3 - engineIDCIS Cisco NX-OS L2 v1.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.4.3 Configure SNMPv3 - engineIDCIS Cisco NX-OS L1 v1.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.4.3 Configure SNMPv3 - group v3CIS Cisco NX-OS L2 v1.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.4.3 Configure SNMPv3 - group v3CIS Cisco NX-OS L1 v1.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

1.5.9 Set 'priv' for each 'snmp-server group' using SNMPv3CIS Cisco IOS 16 L2 v1.1.2Cisco

IDENTIFICATION AND AUTHENTICATION

1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3CIS Cisco IOS 16 L2 v1.1.2Cisco

IDENTIFICATION AND AUTHENTICATION

2.1.1.1.1 Set the 'hostname'CIS Cisco IOS 16 L1 v1.1.2Cisco

IDENTIFICATION AND AUTHENTICATION

2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'CIS Cisco IOS 12 L1 v4.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa'CIS Cisco IOS 16 L1 v1.1.2Cisco

IDENTIFICATION AND AUTHENTICATION

2.1.1.1.4 Set 'seconds' for 'ip ssh timeout'CIS Cisco IOS 12 L1 v4.0.0Cisco

IDENTIFICATION AND AUTHENTICATION

2.2.2 Ensure rsh client is not installedCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2.4 Ensure telnet client is not installedCIS Debian Family Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2.4 Ensure telnet client is not installedCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.3.2 Ensure rsh client is not installedCIS Debian 10 Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.3.2 Ensure telnet client is not installedCIS Fedora 28 Family Linux Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.3.4 Ensure telnet client is not installedCIS Debian 10 Server L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

3.6.2.5 Ensure SSH PermitEmptyPasswords is disabledCIS IBM AIX 7.1 L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

3.6.2.6 Configuring SSH - disallow host based authenticationCIS IBM AIX 7.1 L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.9 Ensure multifactor authentication for access to privileged accountsCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

6.6.13 Ensure SSH Key Authentication is not set for User LoginsCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.1 Ensure SSH Service is Configured if Remote CLI is RequiredCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.2 Ensure SSH is Restricted to Version 2CIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.3 Ensure SSH Connection Limit is SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.4 Ensure SSH Rate Limit is ConfiguredCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.6 Ensure Strong Ciphers are set for SSHCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - ciphers restrictionCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.7 Ensure Only Suite B Ciphers are set for SSH - weak ciphersCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.8 Ensure Strong MACs are set for SSHCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.9 Ensure Strong Key Exchange Methods are set for SSHCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - key-exchange restrictionCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.11 Ensure Strong Key Signing Algorithms are set for SSHCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.1.12 Ensure Only Suite B Based Key Signing Algorithms are set for SSH - ECDSA KeyCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.2.3 Ensure Web-Management is Set to use PKI Certificate for HTTPSCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.2.5 Ensure Session Limited is Set for Web-ManagementCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.3.1 Ensure XNM-Clear-Text Service is Not SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.5.1 Ensure REST is Not Set to HTTPCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.5.3 Ensure REST is Set to use PKI Certificate for HTTPSCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.5.4 Ensure REST HTTPS is Set to use Mutual AuthenticationCIS Juniper OS Benchmark v2.1.0 L2Juniper

IDENTIFICATION AND AUTHENTICATION

6.10.5.5 Ensure REST HTTPS Cipher List is SetCIS Juniper OS Benchmark v2.1.0 L1Juniper

IDENTIFICATION AND AUTHENTICATION

18.9.59.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'CIS Microsoft Windows 8.1 v2.4.0 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

18.9.59.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'CIS Microsoft Windows 8.1 v2.4.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.9.59.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

18.9.59.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.0 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

SNMP: Use SNMPv3 onlyTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

IDENTIFICATION AND AUTHENTICATION