CSCv6|16.13

Title

Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels.

Description

Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels.

Reference Item Details

Category: Account Monitoring and Control

Family: Application

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.1 Ensure 'Logon Password' is setCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.1.1 Ensure 'Logon Password' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.1.1 Ensure 'Logon Password' is setCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.1.1.7 Set 'Store passwords using reversible encryption' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco Firewall v8.x L1 v4.2.0
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.1.2 Ensure 'Enable Password' is setCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.1.3.10.11 Configure 'Network access: Do not allow storage of passwords and credentials for network authentication'WindowsCIS Windows 8 L1 v1.0.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + NG
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1
1.2.3 Ensure HTTP and Telnet options are disabled for the Management InterfacePalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
1.2.3 Ensure HTTP and Telnet options are disabled for the Management InterfacePalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
1.2.3 Ensure HTTP and Telnet options are disabled for the management interfacePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.2.4 Ensure valid certificate is set for browser-based administrator interface - Authentication ProfilePalo_AltoCIS Palo Alto Firewall 6 Benchmark L2 v1.0.0
1.2.4 Ensure valid certificate is set for browser-based administrator interface - Authentication ProfilePalo_AltoCIS Palo Alto Firewall 7 Benchmark L2 v1.0.0
1.2.4 Ensure valid certificate is set for browser-based administrator interface - Certificate ProfilesPalo_AltoCIS Palo Alto Firewall 6 Benchmark L2 v1.0.0
1.2.4 Ensure valid certificate is set for browser-based administrator interface - Certificate ProfilesPalo_AltoCIS Palo Alto Firewall 7 Benchmark L2 v1.0.0
1.2.4 Ensure valid certificate is set for browser-based administrator interface - CertificatesPalo_AltoCIS Palo Alto Firewall 7 Benchmark L2 v1.0.0
1.2.4 Ensure valid certificate is set for browser-based administrator interface - CertificatesPalo_AltoCIS Palo Alto Firewall 6 Benchmark L2 v1.0.0
1.2.4.6.1 Set 'Disallow Digest authentication' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.4.6.3 Set 'Allow Basic authentication' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.4.6.5 Set 'Allow unencrypted traffic' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.5 Ensure valid certificate is set for browser-based administrator interface - Authentication ProfilePalo_AltoCIS Palo Alto Firewall 8 Benchmark L2 v1.0.0
1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificate ProfilesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L2 v1.0.0
1.2.5 Ensure valid certificate is set for browser-based administrator interface - CertificatesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L2 v1.0.0
18.9.97.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.97.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - ClientWindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - ClientWindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.9.97.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.97.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - ClientWindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - ClientWindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.97.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.97.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.97.1.3 Ensure 'Disallow Digest authentication' is set to 'Enabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0