Detections
Analytics

CCI|CCI-004046

Title

Implement multi-factor authentication for local; network; and/or remote access to privileged accounts; and/or non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.19 UBTU-24-100650UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.20 UBTU-24-100660UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.30 UBTU-24-100910UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.59 APPL-14-001150UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT I
1.62 RHEL-09-215075UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.72 OL08-00-010390UnixCIS Oracle Linux 8 STIG v1.0.0 CAT III
1.73 OL08-00-010400UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.102 UBTU-22-612010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.124 APPL-14-003020UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.340 RHEL-09-611165UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.341 RHEL-09-611170UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.342 RHEL-09-611175UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.343 RHEL-09-611180UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.344 RHEL-09-611185UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication.UnixDISA STIG AIX 7.x v3r1
ALMA-09-033350 - AlmaLinux OS 9 must have the opensc package installed.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r3
ALMA-09-033460 - The pcscd socket on AlmaLinux OS 9 must be active.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r3
ALMA-09-033570 - AlmaLinux OS 9 must have the pcsc-lite package installed.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r3
ALMA-09-033680 - AlmaLinux OS 9 must implement certificate status checking for multifactor authentication.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r3
ALMA-09-033790 - AlmaLinux OS 9 must enable certificate based smart card authentication.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r3
ALMA-09-034010 - AlmaLinux OS 9 must have the openssl-pkcs11 package installed.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r3
APPL-14-001150 - The macOS system must disable password authentication for SSH.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-003020 - The macOS system must enforce smart card authentication.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-15-001150 - The macOS system must disable password authentication for SSH.UnixDISA Apple macOS 15 (Sequoia) STIG v1r4
APPL-15-003020 - The macOS system must enforce smart card authentication.UnixDISA Apple macOS 15 (Sequoia) STIG v1r4
JUEX-NM-000640 - The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.JuniperDISA Juniper EX Series Network Device Management v2r3
JUSX-DM-000095 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access.JuniperDISA Juniper SRX Services Gateway NDM v3r3
OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixDISA Oracle Linux 7 STIG v3r3
OL07-00-041001 - The Oracle Linux operating system must have the required packages for multifactor authentication installed.UnixDISA Oracle Linux 7 STIG v3r3
OL07-00-041002 - The Oracle Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM) - PAM.UnixDISA Oracle Linux 7 STIG v3r3
OL07-00-041003 - The Oracle Linux operating system must implement certificate status checking for PKI authentication.UnixDISA Oracle Linux 7 STIG v3r3
OL08-00-010390 - OL 8 must have the package required for multifactor authentication installed.UnixDISA Oracle Linux 8 STIG v2r5
OL08-00-010400 - OL 8 must implement certificate status checking for multifactor authentication.UnixDISA Oracle Linux 8 STIG v2r5
OL09-00-000270 - OL 9 must have the openssl-pkcs11 package installed.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000285 - OL 9 must have the SSSD package installed.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000286 - OL 9 must use the SSSD package for multifactor authentication services.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000390 - OL 9 must have the pcsc-lite package installed.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000400 - OL 9 must have the opensc package installed.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000401 - OL 9 must be configured so that the pcscd service is active.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000925 - OL 9 must enable certificate-based smart card authentication.UnixDISA Oracle Linux 9 STIG v1r2
OL09-00-000930 - OL 9 must implement certificate status checking for multifactor authentication (MFA).UnixDISA Oracle Linux 9 STIG v1r2
RHEL-08-010390 - RHEL 8 must have the packages required for multifactor authentication installed.UnixDISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-08-010400 - RHEL 8 must implement certificate status checking for multifactor authentication.UnixDISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-09-215075 - RHEL 9 must have the openssl-pkcs11 package installed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611165 - RHEL 9 must enable certificate based smart card authentication.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611170 - RHEL 9 must implement certificate status checking for multifactor authentication.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611175 - RHEL 9 must have the pcsc-lite package installed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611180 - The pcscd service on RHEL 9 must be active.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611185 - RHEL 9 must have the opensc package installed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
SLES-12-030500 - The SUSE operating system must have the packages required for multifactor authentication to be installed.UnixDISA SLES 12 STIG v3r3