| ARST-ND-000690 - The Arista network devices must use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Big Sur - Disable SSH Server for Remote Access Sessions | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable SSH Server for Remote Access Sessions | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Login | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Login | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Login | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Login | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for the su Command | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for the su Command | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for the su Command | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enforce Multifactor Authentication for the su Command | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable SSH Server for Remote Access Sessions | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for Login | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for Login | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for Login | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for the su Command | NIST macOS Catalina v1.5.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for the su Command | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for the su Command | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enforce Multifactor Authentication for the su Command | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000530 - The Cisco router must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts. | DISA STIG Cisco IOS-XR Router NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-200037 - The VMM must implement replay-resistant authentication mechanisms for network access to privileged accounts by using Active Directory for local user authentication. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-200038 - The VMM must implement replay-resistant authentication mechanisms for network access to privileged accounts by using the vSphere Authentication Proxy. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-200039 - The VMM must implement replay-resistant authentication mechanisms for network access to privileged accounts by restricting use of Active Directory ESX Admin group membership. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol. | DISA STIG Solaris 10 X86 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol. | DISA STIG Solaris 10 SPARC v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000124 - The Juniper SRX Services Gateway must implement replay-resistant authentication mechanisms for network access to privileged accounts. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enable SSH Server for Remote Access Sessions | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enable SSH Server for Remote Access Sessions | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enable SSH Server for Remote Access Sessions | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000051 - The Palo Alto Networks security platform must implement replay-resistant authentication mechanisms for network access to privileged accounts. | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000227 - The SSH daemon must be configured to use only the SSHv2 protocol. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000040 - Windows Server 2022 Kerberos user ticket lifetime must be limited to 10 hours or less. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000050 - Windows Server 2022 Kerberos policy user ticket renewal maximum lifetime must be limited to seven days or less. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000060 - Windows Server 2022 computer clock synchronization tolerance must be limited to five minutes or less. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
