800-53|IA-5(13)

Title

EXPIRATION OF CACHED AUTHENTICATORS

Description

The information system prohibits the use of cached authenticators after [Assignment: organization-defined time period].

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: AUTHENTICATOR MANAGEMENT

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.3.6.5 Set 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' to '4 or fewer logon(s)'	Windows	CIS Windows 8 L1 v1.0.0
1.1.23 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.23 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.23 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.24 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.2.4.5.5 Set 'Do not allow passwords to be saved' to 'Enabled'	Windows	CIS Windows 8 L1 v1.0.0
1.91 UBTU-24-400340	Unix	CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III
1.110 UBTU-22-631015	Unix	CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT III
1.125 WN16-CC-000370	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.125 WN16-CC-000370	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.127 WN19-CC-000340	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.127 WN19-CC-000340	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.127 WN22-CC-000340	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.127 WN22-CC-000340	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.137 WN16-CC-000480	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.137 WN16-CC-000480	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.138 WN19-CC-000450	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.138 WN19-CC-000450	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.138 WN22-CC-000450	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.138 WN22-CC-000450	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.148 WN16-DC-000030	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.149 WN16-DC-000040	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.149 WN19-DC-000030	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.149 WN22-DC-000030	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.150 WN16-DC-000050	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.150 WN19-DC-000040	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.150 WN22-DC-000040	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.151 WN19-DC-000050	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.151 WN22-DC-000050	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.156 WN10-CC-000270	Windows	CIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.167 WN10-CC-000325	Windows	CIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.193 OL08-00-020290	Unix	CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.193 WN16-MS-000050	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.195 WN19-MS-000050	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.195 WN22-MS-000050	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.202 WN10-SO-000085	Windows	CIS Microsoft Windows 10 STIG v1.0.0 CAT III
1.350 RHEL-09-631020	Unix	CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
18.10.56.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v4.0.0 L1
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG
18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG
18.10.57.2.3 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v4.0.0 L1
18.10.57.2.3 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker
18.10.57.2.3 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1
18.10.57.2.3 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL

Detections

Analytics

800-53|IA-5(13)

Title

Description

Reference Item Details

Audit Items