Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-000764
CCI
CCI|CCI-000764
Title
The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2009
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.008 - Shared user accounts are permitted on the system.
Windows
DISA Windows Vista STIG v6r41
4.017 - DOD information system access does not require the use of a password.
Windows
DISA Windows Vista STIG v6r41
4.039 - Built-in Admin Account Status
Windows
DISA Windows Vista STIG v6r41
6.2.3 Ensure all groups in /etc/passwd exist in /etc/group - GIDs referenced in the /etc/passwd file are defined in the /etc/group file.
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIOS-12-011500 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync.
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011500 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync.
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app.
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app.
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-13-011500 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011500 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011600 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011600 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-14-009700 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009700 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009800 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009800 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIX7-00-001008 - All accounts on AIX system must have unique account names.
Unix
DISA STIG AIX 7.x v2r9
AIX7-00-001009 - All accounts on AIX must be assigned unique User Identification Numbers (UIDs) and must authenticate organizational and non-organizational users (or processes acting on behalf of these users).
Unix
DISA STIG AIX 7.x v2r9
AIX7-00-001010 - The AIX SYSTEM attribute must not be set to NONE for any account.
Unix
DISA STIG AIX 7.x v2r9
Big Sur - Uniquely Identify Users and Processes
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Uniquely Identify Users and Processes
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Uniquely Identify Users and Processes
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Uniquely Identify Users and Processes
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Low
CASA-VN-000410 - The Cisco ASA remote access VPN server must be configured to identify and authenticate users before granting access to the network.
Cisco
DISA STIG Cisco ASA VPN v1r3
Catalina - Uniquely Identify Users and Processes
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Uniquely Identify Users and Processes
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Uniquely Identify Users and Processes
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Uniquely Identify Users and Processes
Unix
NIST macOS Catalina v1.5.0 - All Profiles
DKER-EE-001100 - LDAP integration in Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
EP11-00-004200 - The EDB Postgres Advanced Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Windows
EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2
ESXI-06-000037 - The system must use Active Directory for local user authentication.
VMware
DISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-06-000038 - The system must use the vSphere Authentication Proxy to protect passwords when adding ESXi hosts to Active Directory.
VMware
DISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-06-000039 - Active Directory ESX Admin group membership must not be used.
VMware
DISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-65-000037 - The ESXi host must use Active Directory for local user authentication.
VMware
DISA STIG VMware vSphere ESXi 6.5 v2r4
ESXI-65-000038 - The ESXi host must use the vSphere Authentication Proxy to protect passwords when adding ESXi hosts to Active Directory.
VMware
DISA STIG VMware vSphere ESXi 6.5 v2r4
ESXI-65-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory.
VMware
DISA STIG VMware vSphere ESXi 6.5 v2r4
ESXI-67-000037 - The ESXi host must use Active Directory for local user authentication.
VMware
DISA STIG VMware vSphere 6.7 ESXi v1r3
ESXI-67-000038 - ESXi hosts using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.
VMware
DISA STIG VMware vSphere 6.7 ESXi v1r3
ESXI-67-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory.
VMware
DISA STIG VMware vSphere 6.7 ESXi v1r3
ESXI-70-000037 - The ESXi host must use Active Directory for local user authentication.
VMware
DISA STIG VMware vSphere 7.0 ESXi v1r2
ESXI-70-000038 - ESXi hosts using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.
VMware
DISA STIG VMware vSphere 7.0 ESXi v1r2
ESXI-70-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory.
VMware
DISA STIG VMware vSphere 7.0 ESXi v1r2
F5BI-AP-000073 - The BIG-IP APM module must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) when connecting to virtual servers.
F5
DISA F5 BIG-IP Access Policy Manager STIG v2r3
F5BI-AP-000077 - The BIG-IP APM module must restrict user authentication traffic to specific authentication server(s) when providing user authentication to virtual servers.
F5
DISA F5 BIG-IP Access Policy Manager STIG v2r3
F5BI-DM-000095 - The BIG-IP appliance must be configured to uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).
F5
DISA F5 BIG-IP Device Management STIG v2r3
F5BI-LT-000073 - The BIG-IP Core implementation must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) when connecting to virtual servers.
F5
DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000077 - The BIG-IP Core implementation providing user authentication intermediary services must restrict user authentication traffic to specific authentication server(s) when providing access control to virtual servers.
F5
DISA F5 BIG-IP Local Traffic Manager STIG v2r3
GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account.
Unix
DISA STIG AIX 5.3 v1r2
GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account.
Unix
DISA STIG AIX 6.1 v1r14
GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - '/etc/passwd - halt'
Unix
DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit