| 3.070 - The system is configured to permit storage of credentials or .NET Passports. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.129 - User Account Control - Built In Admin Approval Mode | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.131 - User Account Control - Behavior of elevation prompt for standard users. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.137 - User Account Control - Run all admins in Admin Approval Mode | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.2.4 Ensure users must provide password for escalation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Ensure users must re-authenticate for privilege escalation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.7 Ensure sudo authentication timeout is configured - sudo command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.042 - Terminal Services is not configured to always prompt a client for passwords upon connection. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.116 - Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop Client | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.224 - Power Mgmt - Password Wake on Battery | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.225 - Power Mgmt - Password Wake When Plugged In | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| APPL-13-004022 - The macOS system must require users to reauthenticate for privilege escalation when using the 'sudo' command - sudo command. | DISA STIG Apple macOS 13 v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate for privilege escalation | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Require users to reauthenticate when changing authenticators | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Require users to reauthenticate for privilege escalation | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Require users to reauthenticate when changing authenticators | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| F5BI-AP-000230 - The F5 BIG-IP appliance must be configured to set a 'Maximum Session Timeout' value of 8 hours or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | IDENTIFICATION AND AUTHENTICATION |
| GEN001025 - The sudo command must require authentication - /etc/sudoers - !authenticate | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001025 - The sudo command must require authentication - /etc/sudoers.d/* - NOPASSWD | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-005600 - MongoDB must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate for privilege escalation | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Require users to reauthenticate when changing authenticators | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000537 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000539 - The Oracle Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010343 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010344 - The Oracle Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-010350 - The Oracle Linux operating system must be configured so users must re-authenticate for privilege escalation. | DISA Oracle Linux 7 STIG v2r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000062 - The Photon operating system must require users to reauthenticate for privilege escalation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000065 - The Photon operating system must require users to reauthenticate for privilege escalation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010343 - The Red Hat Enterprise Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010344 - The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010113 - The SUSE operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010114 - The SUSE operating system must not be configured to bypass password requirements for privilege escalation. | DISA SLES 12 STIG v2r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - coreid | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - iwa | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - LDAP | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - RADIUS | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - siteminder | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication - xml | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000355 - The Windows Remote Management (WinRM) service must not store RunAs credentials. | DISA Windows 11 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-CC-000360 - Windows Server 2022 Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-SO-000380 - Windows Server 2022 User Account Control (UAC) approval mode for the built-in Administrator must be enabled. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
