800-53|IA-5(1)(c)

Title

PASSWORD-BASED AUTHENTICATION

Description

Stores and transmits only cryptographically-protected passwords;

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.1.7 Set 'Store passwords using reversible encryption' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
1.1.2 Ensure that the --basic-auth-file argument is not set	Unix	CIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.2 Ensure that the --basic-auth-file argument is not set	Unix	CIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.2.3 Ensure 'Authentication with Exchange server.' is set to 'Enabled:Kerberos/NTLM Password Authentication'	Windows	CIS Microsoft Office Outlook 2013 v1.1.0 Level 1
1.1.2.3 Ensure 'Authentication with Exchange server.' is set to 'Enabled:Kerberos/NTLM Password Authentication'	Windows	CIS Microsoft Office Outlook 2016 v1.1.0 Level 1
1.1.3 Ensure that the --basic-auth-file argument is not set	Unix	CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
1.1.19 Ensure that the --token-auth-file parameter is not set	Unix	CIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.20 Ensure that the --token-auth-file parameter is not set	Unix	CIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.21 Ensure that the --token-auth-file parameter is not set	Unix	CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.2 Password Security Policy - d) Check either of the following words exist in configuration file	ZTE_ROSNG	Tenable ZTE ROSNG
1.2.1 Set 'privilege 1' for local users - 'All users have encrypted passwords'	Cisco	CIS Cisco IOS 16 L1 v2.0.0
1.4 SNMP Security - a) SNMP Community Security	ZTE_ROSNG	Tenable ZTE ROSNG
1.4.1 Set 'password' for 'enable secret'	Cisco	CIS Cisco IOS 12 L1 v4.0.0
1.4.2 Enable 'service password-encryption'	Cisco	CIS Cisco IOS 12 L1 v4.0.0
1.9 Set 'Configure login authentication for POP3' to 'SecureLogin'	Windows	CIS Microsoft Exchange Server 2013 CAS v1.1.0
1.9 Set 'Configure login authentication for POP3' to 'SecureLogin'	Windows	CIS Microsoft Exchange Server 2016 CAS v1.0.0
1.15 Set 'Configure login authentication for IMAP4' to 'SecureLogin'	Windows	CIS Microsoft Exchange Server 2013 CAS v1.1.0
1.15 Set 'Configure login authentication for IMAP4' to 'SecureLogin'	Windows	CIS Microsoft Exchange Server 2016 CAS v1.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2022 v2.0.0 L2 MS
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2022 v2.0.0 L2 DC
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows Server 2012 R2 MS L2 v3.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows Server 2012 R2 DC L2 v3.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 Standalone DC L2 v1.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2016 MS L2 v2.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 MS L2 v2.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 DC L2 v2.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows Server 2016 DC L2 v2.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL + NG
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows Server 2012 MS L2 v3.0.0
2.3.10.4 Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	Windows	CIS Windows Server 2012 DC L2 v3.0.0

Detections

Analytics

800-53|IA-5(1)(c)

Title

Description

Reference Item Details

Audit Items