Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-000187
CCI
CCI|CCI-000187
Title
For public key-based authentication, map the authenticated identity to the account of the individual or group.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.14 IBMW-LS-000390
Unix
CIS IBM WebSphere Liberty Server STIG v1.0.0 CAT I
1.17 IBMW-LS-000500
Unix
CIS IBM WebSphere Liberty Server STIG v1.0.0 CAT II
1.36 MADB-10-004200
MySQLDB
CIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.67 AZLX-23-001295
Unix
CIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.71 SLES-15-020030
Unix
CIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.73 O19C-00-015300
OracleDB
CIS Oracle Database 19c STIG v1.1.0 CAT II OracleDB
1.93 UBTU-24-400370
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I
1.108 UBTU-22-612040
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I
1.124 APPL-26-003030
Unix
CIS Apple macOS 26 Tahoe STIG v1.0.0 CAT II
1.125 APPL-14-003030
Unix
CIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.165 OL08-00-020090
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.171 OL09-00-000910
Unix
CIS Oracle Linux 9 STIG v1.0.0 CAT II
1.304 ALMA-09-038960
Unix
CIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.349 RHEL-09-631015
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.399 RHEL-10-701280
Unix
CIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
ALMA-09-038960 - AlmaLinux OS 9 must map the authenticated identity to the user or group account for PKI-based authentication.
Unix
DISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AOSX-14-003005 - The macOS system must map the authenticated identity to the user or group account for PKI-based authentication.
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
APPL-11-003020 - The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts.
Unix
DISA STIG Apple macOS 11 v1r5
APPL-11-003020 - The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts.
Unix
DISA STIG Apple macOS 11 v1r8
APPL-12-003020 - The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts.
Unix
DISA STIG Apple macOS 12 v1r9
APPL-13-003020 - The macOS system must use multifactor authentication for local access to privileged and nonprivileged accounts.
Unix
DISA STIG Apple macOS 13 v1r5
APPL-14-003030 - The macOS system must allow smart card authentication.
Unix
DISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-003030 - The macOS system must allow smart card authentication.
Unix
DISA Apple macOS 15 Sequoia STIG v1r7
APPL-26-003030 - The macOS system must allow smart card authentication.
Unix
DISA Apple macOS 26 Tahoe STIG v1r2
ARBA-ND-000247 - AOS must be configured to use DOD public key infrastructure (PKI) as multifactor authentication (MFA) for interactive logins.
ArubaOS
DISA HPE Aruba Networking AOS NDM STIG v1r1
ARBA-VN-000490 - The VPN Gateway must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
ArubaOS
DISA HPE Aruba Networking AOS VPN STIG v1r1
AZLX-23-001295 - Amazon Linux 2023 must map the authenticated identity to the user or group account for PKI-based authentication.
Unix
DISA Amazon Linux 2023 STIG v1r3
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Enforce Smartcard Authentication
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Map identity for PKI based authentication
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Map identity for PKI based authentication
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
CASA-VN-000390 - The Cisco ASA remote access VPN server must be configured to use a separate authentication server than that used for administrative access.
Cisco
DISA STIG Cisco ASA VPN v2r2
CASA-VN-000450 - The Cisco ASA remote access VPN server must be configured to map the distinguished name (DN) from the client's certificate to entries in the authentication server to determine authorization to access the network.
Cisco
DISA STIG Cisco ASA VPN v2r2
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce Smartcard Authentication
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
CD12-00-011800 - PostgreSQL must map the PKI-authenticated identity to an associated user account.
Unix
DISA STIG Crunchy Data PostgreSQL OS v3r1
CD16-00-004200 - PostgreSQL must map the PKI-authenticated identity to an associated user account.
Unix
DISA Crunchy Data Postgres 16 STIG v1r2 Unix