Item Search

NameAudit NamePluginCategory
1.8.8 Ensure users must authenticate users using MFA via a graphical user logonCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

1.10 Ensure required packages for multifactor authentication are installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

AIX7-00-003205 - The AIX operating system must accept and verify Personal Identity Verification (PIV) credentials - PIV credentialsDISA STIG AIX 7.x v2r9Unix

IDENTIFICATION AND AUTHENTICATION

AOSX-14-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple Mac OSX 10.14 v2r6Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r5Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 11 v1r8Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.DISA STIG Apple macOS 12 v1r9Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-13-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG Apple macOS 13 v1r4Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-14-001060 - The macOS system must set smart card certificate trust to moderate.DISA Apple macOS 14 (Sonoma) STIG v2r1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

APPL-15-001060 - The macOS system must set smart card certificate trust to moderate.DISA Apple macOS 15 (Sequoia) STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Set Smartcard Certificate Trust to ModerateNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to ModerateNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

DTBI1075-IE11 - Prevent ignoring certificate errors option must be enabled.DISA STIG IE 11 v2r5Windows

IDENTIFICATION AND AUTHENTICATION

ESXI-67-000040 - The ESXi host must use multifactor authentication for local DCUI access to privileged accounts.DISA STIG VMware vSphere 6.7 ESXi v1r3VMware

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

EX13-CA-000135 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email.DISA Microsoft Exchange 2013 Client Access Server STIG v2r2Windows

IDENTIFICATION AND AUTHENTICATION

EX13-MB-000305 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

IDENTIFICATION AND AUTHENTICATION

EX16-MB-000610 - Exchange Outlook Anywhere clients must use NTLM authentication to access email.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

IDENTIFICATION AND AUTHENTICATION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to ModerateNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

OL07-00-041001 - The Oracle Linux operating system must have the required packages for multifactor authentication installed.DISA Oracle Linux 7 STIG v2r14Unix

IDENTIFICATION AND AUTHENTICATION

OL07-00-041002 - The Oracle Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM) - PAM.DISA Oracle Linux 7 STIG v2r14Unix

IDENTIFICATION AND AUTHENTICATION

OL07-00-041003 - The Oracle Linux operating system must implement certificate status checking for PKI authentication.DISA Oracle Linux 7 STIG v2r14Unix

IDENTIFICATION AND AUTHENTICATION

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - 'Certificate Profile'DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - 'DOD CA certificates'DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - 'Use OCSP'DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

RHEL-07-010061 - The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-041001 - The Red Hat Enterprise Linux operating system must have the required packages for multifactor authentication installed.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-041002 - The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-041003 - The Red Hat Enterprise Linux operating system must implement certificate status checking for PKI authentication.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-215075 - RHEL 9 must have the openssl-pkcs11 package installed.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-611170 - RHEL 9 must implement certificate status checking for multifactor authentication.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-611185 - RHEL 9 must have the opensc package installed.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

SLES-12-030500 - The SUSE operating system must have the packages required for multifactor authentication to be installed.DISA SLES 12 STIG v2r13Unix

IDENTIFICATION AND AUTHENTICATION

SLES-12-030510 - The SUSE operating system must implement certificate status checking for multifactor authentication.DISA SLES 12 STIG v2r13Unix

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000045 - Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-001320 - Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.DISA STIG Apache Tomcat Application Server 9 v3r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030800 - The Ubuntu operating system must have the packages required for multifactor authentication to be installed.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030810 - The Ubuntu operating system must accept Personal Identity Verification (PIV) credentials.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-030820 - The Ubuntu operating system must implement certificate status checking for multifactor authentication.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010432 - The Ubuntu operating system must accept Personal Identity Verification (PIV) credentials.DISA STIG Ubuntu 18.04 LTS v2r15Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010434 - The Ubuntu operating system must implement certificate status checking for multifactor authentication.DISA STIG Ubuntu 18.04 LTS v2r15Unix

IDENTIFICATION AND AUTHENTICATION

VCSA-70-000060 - The vCenter Server must require multifactor authentication.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

VCSA-70-000080 - The vCenter Server must enable revocation checking for certificate-based authentication.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

IDENTIFICATION AND AUTHENTICATION

VCSA-80-000080 The vCenter Server must enable revocation checking for certificate-based authentication.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

IDENTIFICATION AND AUTHENTICATION