800-53|AC-2(9)

Title

RESTRICTIONS ON USE OF SHARED / GROUP ACCOUNTS

Description

The organization only permits the use of shared/group accounts that meet [Assignment: organization-defined conditions for establishing shared/group accounts].

Reference Item Details

Category: ACCESS CONTROL

Parent Title: ACCOUNT MANAGEMENT

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.3.1 Ensure sudo is installedUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.3.1 Ensure sudo is installedUnixCIS Debian Family Workstation L1 v1.0.0
1.3.1 Ensure sudo is installedUnixCIS Debian 10 Server L1 v1.0.0
1.3.1 Ensure sudo is installedUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.3.1 Ensure sudo is installedUnixCIS Debian Family Server L1 v1.0.0
1.3.1 Ensure sudo is installedUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.3.1 Ensure sudo is installedUnixCIS Debian 10 Workstation L1 v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Debian Family Workstation L1 v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Debian Family Server L1 v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Debian 10 Server L1 v1.0.0
1.3.2 Ensure sudo commands use ptyUnixCIS Debian 10 Workstation L1 v1.0.0
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocolCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - serverCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.4 Ensure 'aaa authentication serial console' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.4 Ensure 'aaa authentication serial console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.4 Ensure 'aaa authentication serial console' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.6 Ensure 'aaa authentication telnet console' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.4.2 Ensure 'aaa authorization exec' is configured correctlyCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.4.2 Ensure 'aaa authorization exec' is configured correctlyCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.4.2 Ensure 'aaa authorization exec' is configured correctlyCiscoCIS Cisco Firewall v8.x L1 v4.2.0
17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.3.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.3.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.4.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.4.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.5.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.5.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0
18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.0