Detections
Analytics

800-53|IA-3

Title

DEVICE IDENTIFICATION AND AUTHENTICATION

Description

The information system uniquely identifies and authenticates [Assignment: organization-defined specific and/or types of devices] before establishing a [Selection (one or more): local; remote; network] connection.

Supplemental

Organizational devices requiring unique device-to-device identification and authentication may be defined by type, by device, or by a combination of type/device. Information systems typically use either shared known information (e.g., Media Access Control [MAC] or Transmission Control Protocol/Internet Protocol [TCP/IP] addresses) for device identification or organizational authentication solutions (e.g., IEEE 802.1x and Extensible Authentication Protocol [EAP], Radius server with EAP-Transport Layer Security [TLS] authentication, Kerberos) to identify/authenticate devices on local and/or wide area networks. Organizations determine the required strength of authentication mechanisms by the security categories of information systems. Because of the challenges of applying this control on large scale, organizations are encouraged to only apply the control to those limited number (and type) of devices that truly need to support this capability.

Reference Item Details

Related: AC-17,AC-18,AC-19,CA-3,IA-4,IA-5

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Priority: P1

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.11.3 Set 'Network security: Allow Local System to use computer identity for NTLM' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.27 Disable AutomountingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.27 Disable AutomountingUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.1.27 Disable AutomountingUnixCIS Amazon Linux 2 STIG v2.0.0 L2 Workstation
1.1.27 Disable AutomountingUnixCIS Amazon Linux 2 STIG v2.0.0 L1 Server
1.1.28 Disable USB StorageUnixCIS Amazon Linux 2 STIG v2.0.0 L2 Workstation
1.1.28 Disable USB StorageUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.1.28 Disable USB StorageUnixCIS Amazon Linux 2 STIG v2.0.0 L1 Server
1.1.28 Disable USB Storage - /bin/trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - blacklistUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.4.2.2.27 Set 'Allow Secure Boot for integrity validation' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.11 Ensure Web Tier ELB is using HTTPS listeneramazon_awsCIS Amazon Web Services Three-tier Web Architecture L2 1.0.0
1.14 Ensure App Tier ELB is using HTTPS listeneramazon_awsCIS Amazon Web Services Three-tier Web Architecture L2 1.0.0
1.101 WN16-CC-000080WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.101 WN16-CC-000080WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.101 WN19-CC-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.101 WN19-CC-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.101 WN22-CC-000070WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.101 WN22-CC-000070WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.102 WN16-CC-000090WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.102 WN16-CC-000090WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.102 WN19-CC-000080WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.102 WN19-CC-000080WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.102 WN22-CC-000080WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.102 WN22-CC-000080WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.108 WN10-CC-000040WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.110 WN10-CC-000050WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.126 WN10-CC-000115WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.151 APPL-14-005090UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.176 WN16-DC-000320WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.177 WN19-DC-000320WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.177 WN22-DC-000320WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.193 WN10-SO-000035WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.194 WN10-SO-000040WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.195 WN10-SO-000045WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.198 WN10-SO-000060WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.204 WN10-SO-000100WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.206 WN10-SO-000120WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.211 WN16-SO-000080WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.211 WN16-SO-000080WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.212 WN16-SO-000090WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.212 WN16-SO-000090WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.213 WN16-SO-000100WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.213 WN16-SO-000100WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.213 WN19-SO-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.213 WN19-SO-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.213 WN22-SO-000060WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.213 WN22-SO-000060WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.214 WN19-SO-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.214 WN19-SO-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II