Item Search

NameAudit NamePluginCategory
1.8.8 Ensure users must authenticate users using MFA via a graphical user logonCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

1.10 Ensure required packages for multifactor authentication are installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.9 Ensure multifactor authentication for access to privileged accounts - PAM.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.10 Ensure certificate status checking for PKI authenticationCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

AIX7-00-003205 - The AIX operating system must accept and verify Personal Identity Verification (PIV) credentials.DISA STIG AIX 7.x v3r1Unix

IDENTIFICATION AND AUTHENTICATION

AOSX-14-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple Mac OSX 10.14 v2r6Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r8Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 12 v1r9Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-13-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple macOS 13 v1r4Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CASA-VN-000660 - The Cisco VPN remote access server must be configured to accept Common Access Card (CAC) credential credentials.DISA STIG Cisco ASA VPN v2r1Cisco

IDENTIFICATION AND AUTHENTICATION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-06-100040 - The VMM must accept Personal Identity Verification (PIV) credentials.DISA STIG VMware vSphere 6.x ESXi v1r5VMware

IDENTIFICATION AND AUTHENTICATION

ESXI-67-000040 - The ESXi host must use multifactor authentication for local DCUI access to privileged accounts.DISA STIG VMware vSphere 6.7 ESXi v1r3VMware

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

EX13-CA-000135 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

IDENTIFICATION AND AUTHENTICATION

EX13-MB-000305 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

IDENTIFICATION AND AUTHENTICATION

EX16-MB-000610 - Exchange Outlook Anywhere clients must use NTLM authentication to access email.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

IDENTIFICATION AND AUTHENTICATION

EX19-MB-000203 Exchange Outlook Anywhere clients must use NTLM authentication to access email.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1Windows

IDENTIFICATION AND AUTHENTICATION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

OL07-00-041001 - The Oracle Linux operating system must have the required packages for multifactor authentication installed.DISA Oracle Linux 7 STIG v2r14Unix

IDENTIFICATION AND AUTHENTICATION

OL07-00-041002 - The Oracle Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM) - PAM.DISA Oracle Linux 7 STIG v2r14Unix

IDENTIFICATION AND AUTHENTICATION

OL07-00-041003 - The Oracle Linux operating system must implement certificate status checking for PKI authentication.DISA Oracle Linux 7 STIG v2r14Unix

IDENTIFICATION AND AUTHENTICATION

OL08-00-010410 - OL 8 must accept Personal Identity Verification (PIV) credentials.DISA Oracle Linux 8 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - 'Certificate Profile'DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - 'DOD CA certificates'DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - 'Use OCSP'DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

RHEL-07-010061 - The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-041001 - The Red Hat Enterprise Linux operating system must have the required packages for multifactor authentication installed.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-041002 - The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-041003 - The Red Hat Enterprise Linux operating system must implement certificate status checking for PKI authentication.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010410 - RHEL 8 must accept Personal Identity Verification (PIV) credentials.DISA Red Hat Enterprise Linux 8 STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-215075 - RHEL 9 must have the openssl-pkcs11 package installed.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-611185 - RHEL 9 must have the opensc package installed.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

SLES-12-030500 - The SUSE operating system must have the packages required for multifactor authentication to be installed.DISA SLES 12 STIG v2r13Unix

IDENTIFICATION AND AUTHENTICATION

SLES-12-030510 - The SUSE operating system must implement certificate status checking for multifactor authentication.DISA SLES 12 STIG v2r13Unix

IDENTIFICATION AND AUTHENTICATION

SLES-15-010460 - The SUSE operating system must have the packages required for multifactor authentication to be installed.DISA SLES 15 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

SLES-15-010470 - The SUSE operating system must implement certificate status checking for multifactor authentication - which includes status information to an accepted trust anchor.DISA SLES 15 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000045 - Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000490 - Splunk Enterprise must accept the DOD CAC or other PKI credential for identity management and personal authentication.DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST APISplunk

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-001320 - Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.DISA STIG Apache Tomcat Application Server 9 v3r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030800 - The Ubuntu operating system must have the packages required for multifactor authentication to be installed.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030810 - The Ubuntu operating system must accept Personal Identity Verification (PIV) credentials.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030820 - The Ubuntu operating system must implement certificate status checking for multifactor authentication.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010432 - The Ubuntu operating system must accept Personal Identity Verification (PIV) credentials.DISA STIG Ubuntu 18.04 LTS v2r15Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-20-010064 - The Ubuntu operating system must accept Personal Identity Verification (PIV) credentials.DISA STIG Ubuntu 20.04 LTS v2r1Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-22-612015 - Ubuntu 22.04 LTS must accept personal identity verification (PIV) credentials.DISA STIG Canonical Ubuntu 22.04 LTS v2r2Unix

IDENTIFICATION AND AUTHENTICATION