CCI|CCI-000766

Title

The information system implements multifactor authentication for network access to non-privileged accounts.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
5.5.7 Ensure multi-factor authentication is enable for users - moduleUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.7 Ensure multi-factor authentication is enable for users - pam_pkcs11UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.7 Ensure multi-factor authentication is enable for users - removalUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.licenseUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.baseUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.fallbackUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.pmfamapperUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.usbsmartcardUnixDISA STIG AIX 7.x v2r6
AOSX-14-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts - ChallengeResponseAuthenticationUnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts - enforceSmartCardUnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts - PasswordAuthenticationUnixDISA STIG Apple Mac OSX 10.14 v2r6
Big Sur - Enforce multifactor authentication for network access to non-privileged accountsUnixNIST macOS Big Sur v1.4.0 - All Profiles
CASA-VN-000440 - The Cisco ASA remote access VPN server must be configured to enforce certificate-based authentication before granting access to the network.CiscoDISA STIG Cisco ASA VPN v1r1
Catalina - Enforce multifactor authentication for network access to non-privileged accountsUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
DKER-EE-002180 - SAML integration must be enabled in Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
F5BI-AP-000079 - The BIG-IP APM module must use multifactor authentication for network access to non-privileged accounts.F5DISA F5 BIG-IP Access Policy Manager 11.x STIG v2r1
F5BI-LT-000079 - The BIG-IP Core implementation providing user authentication intermediary services must use multifactor authentication for network access to non-privileged accounts when granting access to virtual servers.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
GEN005527 - The SSH daemon must not allow host-based authentication.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN005527 - The SSH daemon must not allow host-based authentication.UnixDISA STIG for Oracle Linux 5 v2r1
Monterey - Enforce multifactor authentication for network access to non-privileged accountsUnixNIST macOS Monterey v1.0.0 - All Profiles
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SQLNET.AUTHENTICATION_SERVICESUnixDISA STIG Oracle 11.2g v2r3 Linux
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SQLNET.AUTHENTICATION_SERVICESWindowsDISA STIG Oracle 11.2g v2r3 Windows
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CIPHER_SUITESUnixDISA STIG Oracle 11.2g v2r3 Linux
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CIPHER_SUITESWindowsDISA STIG Oracle 11.2g v2r3 Windows
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CLIENT_AUTHENTICATIONWindowsDISA STIG Oracle 11.2g v2r3 Windows
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CLIENT_AUTHENTICATIONUnixDISA STIG Oracle 11.2g v2r3 Linux
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_VERSIONUnixDISA STIG Oracle 11.2g v2r3 Linux
O112-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_VERSIONWindowsDISA STIG Oracle 11.2g v2r3 Windows
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SQLNET.AUTHENTICATION_SERVICESWindowsDISA STIG Oracle 12c v2r4 Windows
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SQLNET.AUTHENTICATION_SERVICESUnixDISA STIG Oracle 12c v2r4 Linux
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CIPHER_SUITESUnixDISA STIG Oracle 12c v2r4 Linux
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CIPHER_SUITESWindowsDISA STIG Oracle 12c v2r4 Windows
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CLIENT_AUTHENTICATIONWindowsDISA STIG Oracle 12c v2r4 Windows
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_CLIENT_AUTHENTICATIONUnixDISA STIG Oracle 12c v2r4 Linux
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_VERSIONUnixDISA STIG Oracle 12c v2r4 Linux
O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts - SSL_VERSIONWindowsDISA STIG Oracle 12c v2r4 Windows
OL6-00-000234 - The SSH daemon must ignore .rhosts files - 'IgnoreRhosts yes'UnixDISA STIG Oracle Linux 6 v2r6
OL6-00-000236 - The SSH daemon must not allow host-based authentication.UnixDISA STIG Oracle Linux 6 v2r6
OL07-00-010300 - The Oracle Linux operating system must be configured so that the SSH daemon does not allow authentication using an empty password.UnixDISA Oracle Linux 7 STIG v2r9
OL08-00-020250 - OL 8 must implement multifactor authentication for access to interactive accounts - pam_cert_authUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-020250 - OL 8 must implement multifactor authentication for access to interactive accounts - pam_sss.soUnixDISA Oracle Linux 8 STIG v1r2