CCI|CCI-000015

Title

The organization employs automated mechanisms to support the information system account management functions.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.UnixDISA STIG AIX 7.x v2r6
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.UnixDISA STIG AIX 7.x v2r9
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.UnixDISA STIG AIX 7.x v2r1
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.UnixDISA STIG AIX 7.x v2r8
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.UnixDISA STIG AIX 7.x v2r3
AIX7-00-001000 - AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.UnixDISA STIG AIX 7.x v2r5
AIX7-00-001015 - The shipped /etc/security/mkuser.sys file on AIX must not be customized directly.UnixDISA STIG AIX 7.x v2r9
AIX7-00-001015 - The shipped /etc/security/mkuser.sys file on AIX must not be customized directly.UnixDISA STIG AIX 7.x v2r3
AIX7-00-001015 - The shipped /etc/security/mkuser.sys file on AIX must not be customized directly.UnixDISA STIG AIX 7.x v2r8
AIX7-00-001015 - The shipped /etc/security/mkuser.sys file on AIX must not be customized directly.UnixDISA STIG AIX 7.x v2r5
AIX7-00-001015 - The shipped /etc/security/mkuser.sys file on AIX must not be customized directly.UnixDISA STIG AIX 7.x v2r6
AIX7-00-001015 - The shipped /etc/security/mkuser.sys file on AIX must not be customized directly.UnixDISA STIG AIX 7.x v2r1
AIX7-00-001016 - The regular users default primary group must be staff (or equivalent) on AIX.UnixDISA STIG AIX 7.x v2r8
AIX7-00-001016 - The regular users default primary group must be staff (or equivalent) on AIX.UnixDISA STIG AIX 7.x v2r1
AIX7-00-001016 - The regular users default primary group must be staff (or equivalent) on AIX.UnixDISA STIG AIX 7.x v2r6
AIX7-00-001016 - The regular users default primary group must be staff (or equivalent) on AIX.UnixDISA STIG AIX 7.x v2r3
AIX7-00-001016 - The regular users default primary group must be staff (or equivalent) on AIX.UnixDISA STIG AIX 7.x v2r5
AIX7-00-001016 - The regular users default primary group must be staff (or equivalent) on AIX.UnixDISA STIG AIX 7.x v2r9
Big Sur - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Employ Automated Mechanisms for Account Management FunctionsUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r4
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r2
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r6
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r10
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r5
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r8
CNTR-K8-000220 - The Kubernetes Controller Manager must create unique service accounts for each work payload.UnixDISA STIG Kubernetes v1r11
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management - config fileUnixDISA STIG IBM DB2 v10.5 LUW v1r3 OS Linux
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management - config fileWindowsDISA STIG IBM DB2 v10.5 LUW v1r3 OS Windows
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principalsUnixDISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principalsWindowsDISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals - config fileWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals - config fileUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals - ldap enabledIBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-000300 - DB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals - ldap enabledIBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v1r1
EP11-00-000700 - The EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v1r1
EP11-00-000700 - The EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2
EP11-00-000700 - The EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r3