800-53|IA-4

Title

IDENTIFIER MANAGEMENT

Description

The organization manages information system identifiers by:

Supplemental

Common device identifiers include, for example, media access control (MAC), Internet protocol (IP) addresses, or device-unique token identifiers. Management of individual identifiers is not applicable to shared information system accounts (e.g., guest and anonymous accounts). Typically, individual identifiers are the user names of the information system accounts assigned to those individuals. In such instances, the account management activities of AC-2 use account names provided by IA-4. This control also addresses individual identifiers not necessarily associated with information system accounts (e.g., identifiers used in physical security control databases accessed by badge reader systems for access to information systems). Preventing reuse of identifiers implies preventing the assignment of previously used individual, group, role, or device identifiers to different individuals, groups, roles, or devices.

Reference Item Details

Related: AC-2,IA-2,IA-3,IA-5,IA-8,SC-37

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Priority: P1

Baseline Impact: LOW,MODERATE,HIGH

Audit Items


Name | Plugin | Audit Name
1.1.2 Ensure only trusted users are allowed to control Docker daemon | Unix | CIS Docker v1.6.0 L1 Docker Linux
1.1.3.17.7 Set 'User Account Control: Switch to the secure desktop when prompting for elevation' to 'Enabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.5 Ensure 'Password Policy' is enabled | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.1.0
1.4.1.1 Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3' | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.1.0
1.10 Ensure 'User consent for applications' is set to 'Do not allow user consent' | microsoft_azure | CIS Microsoft Azure Foundations v2.1.0 L1
1.11 Ensure 'User consent for applications' Is Set To 'Allow for Verified Publishers' | microsoft_azure | CIS Microsoft Azure Foundations v2.1.0 L2
1.15 Ensure that 'Guest invite restrictions' is set to 'Only users assigned to specific admin roles can invite guest users' | microsoft_azure | CIS Microsoft Azure Foundations v2.1.0 L2
1.24 Ensure That 'Subscription leaving Microsoft Entra ID directory' and 'Subscription entering Microsoft Entra ID directory' Is Set To 'Permit No One' | microsoft_azure | CIS Microsoft Azure Foundations v2.1.0 L2
2.7 Ensure that a unique Certificate Authority is used for etcd | Unix | CIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master
2.7 Ensure that a unique Certificate Authority is used for etcd | Unix | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master
2.7 Ensure that a unique Certificate Authority is used for etcd | Unix | CIS Kubernetes Benchmark v1.9.0 L2 Master
2.7 Ensure that a unique Certificate Authority is used for etcd | Unix | CIS Kubernetes v1.20 Benchmark v1.0.1 L2 Master
2.14 Ensure containers are restricted from acquiring new privileges | Unix | CIS Docker v1.6.0 L1 Docker Linux
5.1.6.1 Ensure that collaboration invitations are sent to allowed domains only | microsoft_azure | CIS Microsoft 365 Foundations E3 L2 v3.1.0
5.3.1 Ensure 'Privileged Identity Management' is used to manage roles | microsoft_azure | CIS Microsoft 365 Foundations E5 L2 v3.1.0
5.3.2 Ensure system accounts are secured - lock not root | Unix | CIS Google Container-Optimized OS L2 Server v1.1.0
5.3.2 Ensure system accounts are secured - non login | Unix | CIS Google Container-Optimized OS L2 Server v1.1.0
5.5 Ensure CIM access is limited | VMware | CIS VMware ESXi 6.7 v1.1.0 Level 1
5.10 Set DCUI.Access to allow trusted users to override lockdown mode | VMware | CIS VMware ESXi 6.5 v1.0.0 Level 1
6.2.12 Ensure all groups in /etc/passwd exist in /etc/group | Unix | CIS Debian Family Server L1 v1.0.0
6.2.12 Ensure all groups in /etc/passwd exist in /etc/group | Unix | CIS Debian Family Workstation L1 v1.0.0
6.2.13 Ensure no duplicate UIDs exist | Unix | CIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0
6.2.13 Ensure no duplicate UIDs exist | Unix | CIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0
6.2.14 Ensure no duplicate GIDs exist | Unix | CIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0
6.2.14 Ensure no duplicate GIDs exist | Unix | CIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0
6.2.14 Ensure no duplicate UIDs exist | Unix | CIS Oracle Linux 7 Workstation L1 v3.0.0
6.2.14 Ensure no duplicate UIDs exist | Unix | CIS Red Hat EL7 Workstation L1 v3.0.1
6.2.14 Ensure no duplicate UIDs exist | Unix | CIS SUSE Linux Enterprise 15 Server L1 v1.0.0
6.2.14 Ensure no duplicate UIDs exist | Unix | CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0
6.2.14 Ensure no duplicate UIDs exist | Unix | CIS Oracle Linux 7 Server L1 v3.0.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group | Unix | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/group | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
6.2.15 Ensure no duplicate GIDs exist | Unix | CIS Red Hat EL7 Workstation L1 v3.0.1
6.2.15 Ensure no duplicate GIDs exist | Unix | CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0
6.2.15 Ensure no duplicate GIDs exist | Unix | CIS SUSE Linux Enterprise 15 Server L1 v1.0.0
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.2.2 Ensure 'Audit Security Group Management' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
17.2.3 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.2.3 Ensure 'Audit User Account Management' is set to 'Success and Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
17.5.2 (L1) Ensure 'Audit Logoff' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.2 Ensure 'Audit Logoff' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
17.5.3 (L1) Ensure 'Audit Logon' is set to 'Success and Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.3 Ensure 'Audit Logon' is set to 'Success and Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.5 Ensure 'Audit Special Logon' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1