800-53|AC-17(4)

Title

PRIVILEGED COMMANDS / ACCESS

Description

The organization:

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-6

Category: ACCESS CONTROL

Parent Title: REMOTE ACCESS

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2 Enable SSH (PermitRootLogin)	Unix	CIS FreeBSD v1.0.5
1.2.3.4.1 Set 'Configure Solicited Remote Assistance' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
1.2.3.4.2 Set 'Configure Offer Remote Assistance' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
1.2.4.6.1 Set 'Disallow Digest authentication' to 'Enabled'	Windows	CIS Windows 8 L1 v1.0.0
1.2.4.6.3 Set 'Allow Basic authentication' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
1.3 Configure SSH - Check if PermitRootLogin is set to no and not commented for server.	Unix	CIS Solaris 9 v1.3
2.2.2 - Configuring SSH - disabling direct root access - 'PermitRootLogin = no'	Unix	CIS AIX 5.3/6.1 L1 v1.1.0
5.2.8 Ensure SSH root login is disabled	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.2.8 Ensure SSH root login is disabled	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.2.8 Ensure SSH root login is disabled	Unix	CIS Amazon Linux v2.1.0 L1
5.3.10 Ensure SSH root login is disabled	Unix	CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
5.3.10 Ensure SSH root login is disabled	Unix	CIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
5.8 Set DCUI.Access to allow trusted users to override lockdown mode	VMware	CIS VMware ESXi 5.1 v1.0.1 Level 1
5.9 Set DCUI.Access to allow trusted users to override lockdown mode	VMware	CIS VMware ESXi 5.5 v1.2.0 Level 1
6.1.9 Disable SSH root Login - Check if PermitRootLogin is set to no and not commented for the server.	Unix	CIS Solaris 10 L1 v5.2
6.6 Disable root login for SSH	Unix	CIS Solaris 11.2 L1 v1.1.0
6.6 Disable root login for SSH - PermitRootLogin = no	Unix	CIS Solaris 11.1 L1 v1.0.0
6.6 Disable root login for SSH - PermitRootLogin = no	Unix	CIS Solaris 11 L1 v1.1.0
9.3.8 Disable SSH Root Login	Unix	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
9.3.8 Disable SSH Root Login	Unix	CIS Debian Linux 7 L1 v1.0.0
18.8.36.1 Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.8.36.1 Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.8.36.2 Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.8.36.2 Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - Client	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - Client	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.9.97.1.3 Ensure 'Disallow Digest authentication' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.97.1.3 Ensure 'Disallow Digest authentication' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.9.97.2.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - Service	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.97.2.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - Service	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.9.97.2.2 Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 2 v3.2.0
18.9.97.2.2 Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server v2004 MS v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server 1903 MS v1.19.9
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows 11 v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server v1909 DC v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server 1903 DC v1.19.9
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server v1909 MS v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server 2022 v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server 2016 DC v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows 10 1903 v1.19.9
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows 11 v23H2 v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows 11 v22H2 v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows 10 v22H2 v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT MSCT Windows Server 2022 DC v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server 2016 MS v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server v20H2 DC v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server v2004 DC v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows Server v20H2 MS v1.0.0
Allow Basic authentication - Client - AllowBasic	Windows	MSCT Windows 10 1909 v1.0.0

Detections

Analytics

800-53|AC-17(4)

Title

Description

Reference Item Details

Audit Items