CSCv7|1.8

Title

Utilize Client Certificates to Authenticate Hardware Assets

Description

Use client certificates to authenticate hardware assets connecting to the organization's trusted network.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Inventory and Control of Hardware Assets

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2.5 Ensure that the kubelet uses certificates to authenticate - ConfigMaps	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.2.5 Ensure that the kubelet uses certificates to authenticate - Secrets	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.2.6 Verify that the kubelet certificate authority is set as appropriate	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.2.32 Ensure that the API Server only makes use of Strong Cryptographic Ciphers	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
2.3 Ensure authentication is enabled in the sharded cluster	Windows	CIS MongoDB 7 L2 OS Windows v1.0.0
2.3 Ensure authentication is enabled in the sharded cluster	Unix	CIS MongoDB 7 L2 OS Linux v1.0.0
2.3 Ensure authentication is enabled in the sharded cluster	Windows	CIS MongoDB 3.6 L2 Windows Audit v1.1.0
2.3 Ensure authentication is enabled in the sharded cluster	Unix	CIS MongoDB 3.6 L2 Unix Audit v1.1.0
2.3 Ensure authentication is enabled in the sharded cluster - CAFile	Windows	CIS MongoDB 5 L2 OS Windows v1.2.0
2.3 Ensure authentication is enabled in the sharded cluster - CAFile	Windows	CIS MongoDB 6 L2 OS Windows v1.1.0
2.3 Ensure authentication is enabled in the sharded cluster - CAFile	Windows	CIS MongoDB 4 L1 OS Windows v1.0.0
2.3 Ensure authentication is enabled in the sharded cluster - CAFile	Unix	CIS MongoDB 4 L1 OS Linux v1.0.0
2.3 Ensure authentication is enabled in the sharded cluster - CAFile	Unix	CIS MongoDB 5 L2 OS Linux v1.2.0
2.3 Ensure authentication is enabled in the sharded cluster - CAFile	Unix	CIS MongoDB 6 L2 OS Linux v1.1.0
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile	Windows	CIS MongoDB 4 L1 OS Windows v1.0.0
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile	Unix	CIS MongoDB 4 L1 OS Linux v1.0.0
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile	Unix	CIS MongoDB 6 L2 OS Linux v1.1.0
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile	Unix	CIS MongoDB 5 L2 OS Linux v1.2.0
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile	Windows	CIS MongoDB 5 L2 OS Windows v1.2.0
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile	Windows	CIS MongoDB 6 L2 OS Windows v1.1.0
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Behavior	Windows	CIS Microsoft Windows Server 2016 STIG MS L2 v1.1.0
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Behavior	Windows	CIS Microsoft Windows Server 2019 STIG DC L2 v1.0.1
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Behavior	Windows	CIS Microsoft Windows Server 2019 STIG MS L2 v1.0.1
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Behavior	Windows	CIS Microsoft Windows Server 2016 STIG DC L2 v1.1.0
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled	Windows	CIS Microsoft Windows Server 2019 STIG MS L2 v1.0.1
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled	Windows	CIS Microsoft Windows Server 2016 STIG MS L2 v1.1.0
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled	Windows	CIS Microsoft Windows Server 2016 STIG DC L2 v1.1.0
18.8.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled	Windows	CIS Microsoft Windows Server 2019 STIG DC L2 v1.0.1
18.9.11.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.9.11.2.2 (BL) Ensure 'Allow Secure Boot for integrity validation' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L2 + BL + NG
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L2
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L2
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L2 + BL
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Windows 10 Enterprise v2.0.0 L2 + NG
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 11 Stand-alone v2.0.0 L2 + BL
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 11 Enterprise v2.0.0 L2 + BL
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L2 + BL + NG
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L2 + BL
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 11 Stand-alone v2.0.0 L2
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L2
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	Windows	CIS Microsoft Windows 10 Stand-alone v2.0.0 L2 + NG
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L2 + BL + NG
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L2
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L2
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L2 + BL
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 11 v2.0.0 L2 + BL + NG
18.9.25.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic'	Windows	CIS Microsoft Intune for Windows 10 v2.0.0 L2 + NG

Detections

Analytics

CSCv7|1.8

Title

Description

Reference Item Details

Audit Items