CCI|CCI-001967

Title

The information system authenticates organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
5.123 - Restrict unauthenticated RPC clients.WindowsDISA Windows Vista STIG v6r41
5.124 - Client computers required to authenticate for RPC communication.WindowsDISA Windows Vista STIG v6r41
AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - aaa authentication dot1x default groupAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r2
AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - dot1x system-auth-controlAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r2
AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x reauthenticationAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r2
AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x timeout reauth-period 3600AristaDISA STIG Arista MLS DCS-7000 Series L2S v1r2
AOSX-14-004020 - The macOS system must authenticate all endpoint devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-000008 - The macOS system must be configured with Wi-Fi support software disabled.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled.UnixDISA STIG Apple macOS 11 v1r6
CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - groupCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - hostCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - userCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - groupCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - hostCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - userCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - md5CiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp authenticateCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp serverCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp server preferCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp trusted-keyCiscoDISA STIG Cisco ASA NDM v1r1
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server groupCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server groupCiscoDISA STIG Cisco IOS Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server groupCiscoDISA STIG Cisco IOS XE Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server hostCiscoDISA STIG Cisco IOS Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server hostCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server hostCiscoDISA STIG Cisco IOS XE Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server userCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server userCiscoDISA STIG Cisco IOS XE Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server userCiscoDISA STIG Cisco IOS Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server view V3READCiscoDISA STIG Cisco IOS Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server view V3READCiscoDISA STIG Cisco IOS XE Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server view V3READCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server view V3WRITECiscoDISA STIG Cisco IOS Router NDM v2r3
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server view V3WRITECiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server view V3WRITECiscoDISA STIG Cisco IOS XE Router NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - show snmp userCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - show snmp userCiscoDISA STIG Cisco IOS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - show snmp userCiscoDISA STIG Cisco IOS XE Switch NDM v2r2
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server groupCiscoDISA STIG Cisco IOS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server groupCiscoDISA STIG Cisco IOS XE Switch NDM v2r2
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server hostCiscoDISA STIG Cisco IOS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server hostCiscoDISA STIG Cisco IOS XE Switch NDM v2r2
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server hostCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server user md5CiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server user shaCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server viewCiscoDISA STIG Cisco IOS Switch NDM v2r3
CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - snmp-server viewCiscoDISA STIG Cisco IOS XE Switch NDM v2r2
CISC-ND-001150 - The Cisco router must be configured to authenticate NTP sources using authentication that is cryptographically based - ntp NTP_SERVER_1 authentication-keyCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-001150 - The Cisco router must be configured to authenticate NTP sources using authentication that is cryptographically based - ntp NTP_SERVER_2 authentication-keyCiscoDISA STIG Cisco IOS-XR Router NDM v2r2