CCI|CCI-000764

Title

The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.008 - Shared user accounts are permitted on the system.WindowsDISA Windows Vista STIG v6r41
4.017 - DOD information system access does not require the use of a password.WindowsDISA Windows Vista STIG v6r41
4.039 - Built-in Admin Account StatusWindowsDISA Windows Vista STIG v6r41
6.2.3 Ensure all groups in /etc/passwd exist in /etc/group - GIDs referenced in the /etc/passwd file are defined in the /etc/group file.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001008 - All accounts on AIX system must have unique account names.UnixDISA STIG AIX 7.x v2r5
AIX7-00-001009 - All accounts on AIX must be assigned unique User Identification Numbers (UIDs) and must authenticate organizational and non-organizational users (or processes acting on behalf of these users).UnixDISA STIG AIX 7.x v2r5
AIX7-00-001010 - The AIX SYSTEM attribute must not be set to NONE for any account.UnixDISA STIG AIX 7.x v2r5
Big Sur - Uniquely Identify Users and ProcessesUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Uniquely Identify Users and ProcessesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Uniquely Identify Users and ProcessesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Uniquely Identify Users and ProcessesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
CASA-VN-000410 - The Cisco ASA remote access VPN server must be configured to identify and authenticate users before granting access to the network.CiscoDISA STIG Cisco ASA VPN v1r1
Catalina - Uniquely Identify Users and ProcessesUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Uniquely Identify Users and ProcessesUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Uniquely Identify Users and ProcessesUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Uniquely Identify Users and ProcessesUnixNIST macOS Catalina v1.5.0 - All Profiles
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
EP11-00-004200 - The EDB Postgres Advanced Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1
ESXI-06-000037 - The system must use Active Directory for local user authentication.VMwareDISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-06-000038 - The system must use the vSphere Authentication Proxy to protect passwords when adding ESXi hosts to Active Directory.VMwareDISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-06-000039 - Active Directory ESX Admin group membership must not be used.VMwareDISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-65-000037 - The ESXi host must use Active Directory for local user authentication.VMwareDISA STIG VMware vSphere ESXi 6.5 v2r3
ESXI-65-000038 - The ESXi host must use the vSphere Authentication Proxy to protect passwords when adding ESXi hosts to Active Directory.VMwareDISA STIG VMware vSphere ESXi 6.5 v2r3
ESXI-65-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory.VMwareDISA STIG VMware vSphere ESXi 6.5 v2r3
ESXI-67-000037 - The ESXi host must use Active Directory for local user authentication.VMwareDISA STIG VMware vSphere 6.7 ESXi v1r2
ESXI-67-000038 - ESXi hosts using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.VMwareDISA STIG VMware vSphere 6.7 ESXi v1r2
ESXI-67-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory.VMwareDISA STIG VMware vSphere 6.7 ESXi v1r2
F5BI-AP-000073 - The BIG-IP APM module must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) when connecting to virtual servers.F5DISA F5 BIG-IP Access Policy Manager 11.x STIG v2r1
F5BI-AP-000077 - The BIG-IP APM module must restrict user authentication traffic to specific authentication server(s) when providing user authentication to virtual servers - s when providing user auth to virtual servers.F5DISA F5 BIG-IP Access Policy Manager 11.x STIG v2r1
F5BI-DM-000095 - The BIG-IP appliance must be configured to uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).F5DISA F5 BIG-IP Device Management 11.x STIG v2r1
F5BI-LT-000073 - The BIG-IP Core implementation must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) when connecting to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
F5BI-LT-000077 - The BIG-IP Core implementation providing user authentication intermediary services must restrict user authentication traffic to specific authentication server(s) when providing access control to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account.UnixDISA STIG AIX 5.3 v1r2
GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account.UnixDISA STIG AIX 6.1 v1r14
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd - halt'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd - reboot'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd - shutdown'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow - halt'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow - reboot'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/shadow - shutdown'UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/passwd halt'UnixDISA STIG for Oracle Linux 5 v2r1
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/passwd reboot'UnixDISA STIG for Oracle Linux 5 v2r1
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/passwd shutdown'UnixDISA STIG for Oracle Linux 5 v2r1
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/shadow halt'UnixDISA STIG for Oracle Linux 5 v2r1
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/shadow reboot'UnixDISA STIG for Oracle Linux 5 v2r1
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/shadow shutdown'UnixDISA STIG for Oracle Linux 5 v2r1
GEN000000-LNX00560 - The Linux NFS Server must not have the insecure file locking option.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000000-LNX00560 - The Linux NFS Server must not have the insecure file locking option.UnixDISA STIG for Oracle Linux 5 v2r1
GEN000300 - All accounts on the system must have unique user or account names.UnixDISA STIG Solaris 10 SPARC v2r2
GEN000300 - All accounts on the system must have unique user or account names.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit