800-53|IA-3

Title

DEVICE IDENTIFICATION AND AUTHENTICATION

Description

The information system uniquely identifies and authenticates [Assignment: organization-defined specific and/or types of devices] before establishing a [Selection (one or more): local; remote; network] connection.

Supplemental

Organizational devices requiring unique device-to-device identification and authentication may be defined by type, by device, or by a combination of type/device. Information systems typically use either shared known information (e.g., Media Access Control [MAC] or Transmission Control Protocol/Internet Protocol [TCP/IP] addresses) for device identification or organizational authentication solutions (e.g., IEEE 802.1x and Extensible Authentication Protocol [EAP], Radius server with EAP-Transport Layer Security [TLS] authentication, Kerberos) to identify/authenticate devices on local and/or wide area networks. Organizations determine the required strength of authentication mechanisms by the security categories of information systems. Because of the challenges of applying this control on large scale, organizations are encouraged to only apply the control to those limited number (and type) of devices that truly need to support this capability.

Reference Item Details

Related: AC-17,AC-18,AC-19,CA-3,IA-4,IA-5

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Priority: P1

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.11.3 Set 'Network security: Allow Local System to use computer identity for NTLM' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.27 Disable AutomountingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - /bin/trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - blacklistUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.4.2.2.27 Set 'Allow Secure Boot for integrity validation' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.8.18 Ensure graphical user interface automounter is disabled - automountUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount-openUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount-open=falseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount=falseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - autorun-neverUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.11 Ensure Web Tier ELB is using HTTPS listeneramazon_awsCIS Amazon Web Services Three-tier Web Architecture L2 1.0.0
1.14 Ensure App Tier ELB is using HTTPS listeneramazon_awsCIS Amazon Web Services Three-tier Web Architecture L2 1.0.0
1.72 UBTU-22-291010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.75 UBTU-24-300039UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.76 RHEL-09-231040UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.101 WN19-CC-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.101 WN19-CC-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.102 WN19-CC-000080WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.102 WN19-CC-000080WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.177 WN19-DC-000320WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.213 WN19-SO-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.213 WN19-SO-000060WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.214 WN19-SO-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.214 WN19-SO-000070WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.215 WN19-SO-000080WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.215 WN19-SO-000080WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.218 WN19-SO-000110WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.218 WN19-SO-000110WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.223 WN19-SO-000160WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.223 WN19-SO-000160WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.224 WN19-SO-000170WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.224 WN19-SO-000170WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.226 WN19-SO-000190WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.226 WN19-SO-000190WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.227 WN19-SO-000200WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.227 WN19-SO-000200WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.233 WN19-SO-000260WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.233 WN19-SO-000260WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.239 RHEL-09-271020UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.240 RHEL-09-271025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.242 RHEL-09-271035UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.259 RHEL-09-291010UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.260 RHEL-09-291015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.261 RHEL-09-291020UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.263 RHEL-09-291030UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.300 OL08-00-040070UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.301 OL08-00-040080UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.325 OL08-00-040139UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.326 OL08-00-040140UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.327 OL08-00-040141UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II