Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001967
CCI
CCI|CCI-001967
Title
Authenticate organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.14 VCSA-80-000077
VMware
CIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT I
1.17 CISC-ND-001130
Cisco
CIS Cisco IOS XR Router NDM STIG v1.0.0 CAT II
1.19 CISC-ND-001150
Cisco
CIS Cisco IOS XR Router NDM STIG v1.0.0 CAT II
1.26 CISC-ND-001130
Cisco
CIS Cisco NX OS Switch NDM STIG v1.1.0 CAT II
1.28 CISC-ND-001150
Cisco
CIS Cisco NX OS Switch NDM STIG v1.1.0 CAT II
1.28 VCSA-80-000253
VMware
CIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.29 VCSA-80-000265
VMware
CIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.30 CISC-ND-001130
Cisco
CIS Cisco IOS Switch NDM STIG v1.1.0 CAT II
1.30 CISC-ND-001130
Cisco
CIS Cisco IOS XE Switch NDM STIG v1.1.0 CAT II
1.32 CISC-ND-001150
Cisco
CIS Cisco IOS Switch NDM STIG v1.1.0 CAT II
1.32 CISC-ND-001150
Cisco
CIS Cisco IOS XE Switch NDM STIG v1.1.0 CAT II
1.132 WN10-CC-000165
Windows
CIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.192 WN16-MS-000040
Windows
CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.194 WN19-MS-000040
Windows
CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.194 WN22-MS-000040
Windows
CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.214 WN16-SO-000110
Windows
CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.214 WN16-SO-000110
Windows
CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.216 WN19-SO-000090
Windows
CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.216 WN19-SO-000090
Windows
CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.216 WN22-SO-000090
Windows
CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.216 WN22-SO-000090
Windows
CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.277 ALMA-09-035550
Unix
CIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
5.123 - Restrict unauthenticated RPC clients.
Windows
DISA Windows Vista STIG v6r41
5.124 - Client computers required to authenticate for RPC communication.
Windows
DISA Windows Vista STIG v6r41
ALMA-09-035550 - AlmaLinux OS 9 must not have the autofs package installed.
Unix
DISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - aaa authentication dot1x default group
Arista
DISA STIG Arista MLS DCS-7000 Series L2S v1r3
AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - dot1x system-auth-control
Arista
DISA STIG Arista MLS DCS-7000 Series L2S v1r3
AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x reauthentication
Arista
DISA STIG Arista MLS DCS-7000 Series L2S v1r3
AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x timeout reauth-period 3600
Arista
DISA STIG Arista MLS DCS-7000 Series L2S v1r3
AOSX-14-004020 - The macOS system must authenticate all endpoint devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000008 - The macOS system must be configured with Wi-Fi support software disabled.
Unix
DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled.
Unix
DISA STIG Apple macOS 11 v1r5
APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled.
Unix
DISA STIG Apple macOS 11 v1r8
APPL-12-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization.
Unix
DISA STIG Apple macOS 12 v1r9
APPL-12-005051 - The macOS system must restrict the ability to utilize external writeable media devices.
Unix
DISA STIG Apple macOS 12 v1r9
APPL-13-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization.
Unix
DISA STIG Apple macOS 13 v1r5
ARBA-ND-000310 - AOS must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
ArubaOS
DISA HPE Aruba Networking AOS NDM STIG v1r1
ARBA-ND-000347 - AOS must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based.
ArubaOS
DISA HPE Aruba Networking AOS NDM STIG v1r1
ARBA-NT-000130 - The network element must protect wireless access to the system using Federal Information Processing Standard (FIPS)-validated Advanced Encryption Standard (AES) block cipher algorithms with an approved confidentiality mode.
ArubaOS
DISA HPE Aruba Networking AOS Wireless STIG v1r2
ARST-ND-000600 - The Arista network device must be configured to synchronize internal system clocks using redundant authenticated time sources.
Arista
DISA STIG Arista MLS EOS 4.2x NDM v2r1
ARST-ND-000600 - The Arista network device must be configured to synchronize internal system clocks using redundant authenticated time sources.
Arista
DISA Arista MLS EOS 4.X NDM STIG v2r2
ARST-ND-000660 - The Arista network device must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Arista
DISA Arista MLS EOS 4.X NDM STIG v2r2
ARST-ND-000660 - The Arista network device must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Arista
DISA STIG Arista MLS EOS 4.2x NDM v2r1
CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Cisco
DISA STIG Cisco ASA NDM v2r4
CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm.
Cisco
DISA STIG Cisco ASA NDM v2r4
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol (NTP) sources using authentication with FIPS-compliant algorithms.
Cisco
DISA STIG Cisco ASA NDM v2r4
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Cisco
DISA Cisco IOS XR Router NDM STIG v3r6
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Cisco
DISA Cisco IOS Router NDM STIG v3r7
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Cisco
DISA Cisco IOS XE Router NDM STIG v3r7
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
Cisco
DISA Cisco IOS Switch NDM STIG v3r7