1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
1.5.1 Ensure 'V3' is selected for SNMP polling | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.2 Ensure MFA Delete is enabled on S3 buckets | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
APPL-11-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator. | DISA STIG Apple macOS 11 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-11-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
APPL-13-001100 - The macOS system must require individuals to be authenticated with an individual authenticator prior to using a group authenticator. | DISA STIG Apple macOS 13 v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
CASA-ND-000470 - The Cisco ASA must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ssh cipher | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CASA-ND-000470 - The Cisco ASA must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts - ssh version | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
CASA-VN-000660 - The Cisco VPN remote access server must be configured to accept Common Access Card (CAC) credential credentials. | DISA STIG Cisco ASA VPN v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
EDGE-00-000056 - Suggestions of similar web pages in the event of a navigation error must be disabled. | DISA STIG Edge v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
ESXI-67-000012 - The ESXi host SSH daemon must ignore .rhosts files. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
ESXI-70-000012 - The ESXi host Secure Shell (SSH) daemon must ignore '.rhosts' files. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
ESXI-80-000052 The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files. | DISA VMware vSphere 8.0 ESXi STIG OS v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
EX19-MB-000203 Exchange Outlook Anywhere clients must use NTLM authentication to access email. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
FGFW-ND-000205 - The FortiGate device must implement replay-resistant authentication mechanisms for network access to privileged accounts | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
GEN000300 - All accounts on the system must have unique user or account names. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
GEN000300 - All accounts on the system must have unique user or account names. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
GEN000320 - All accounts must be assigned unique User Identification Numbers (UIDs). | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
GEN000320 - All accounts must be assigned unique User Identification Numbers (UIDs). | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
GOOG-12-007200 - Google Android 12 must be configured to disable trust agents. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-12-007200 - Google Android 12 must be configured to disable trust agents. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-12-007200 - Google Android 12 must be configured to disable trust agents. | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 13 COPE v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 COBO v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-13-707200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 13 BYOD v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 14 COPE v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-14-707200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-14-707200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 14 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
OL08-00-010410 - OL 8 must accept Personal Identity Verification (PIV) credentials. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
PHTN-67-000035 - The Photon operating system must configure sshd to disallow root logins. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-08-010410 - RHEL 8 must accept Personal Identity Verification (PIV) credentials. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
SHPT-00-000531 - SharePoint sites must not use NTLM - SharePoint sites must not use NTLM. | DISA STIG SharePoint 2010 v1r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
SQL2-00-018500 - SQL Server must ensure users are authenticated with an individual authenticator prior to using a shared authenticator. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
SYMP-AG-000350 - Symantec ProxySG providing user authentication intermediary services must implement multifactor authentication for remote access to nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
SYMP-AG-000370 - Symantec ProxySG providing user authentication intermediary services must use multifactor authentication for network access to nonprivileged accounts. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
SYMP-AG-000380 - Symantec ProxySG providing user authentication intermediary services must implement replay-resistant authentication mechanisms for network access to nonprivileged accounts. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
SYMP-NM-000230 - Symantec ProxySG must implement HTTPS-console to provide replay-resistant authentication mechanisms for network access to privileged accounts. - HTTP-Console | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
SYMP-NM-000230 - Symantec ProxySG must implement HTTPS-console to provide replay-resistant authentication mechanisms for network access to privileged accounts. - HTTPS-Console | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
UBTU-20-010064 - The Ubuntu operating system must accept Personal Identity Verification (PIV) credentials. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
UBTU-20-010065 - The Ubuntu operating system must electronically verify Personal Identity Verification (PIV) credentials. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
UBTU-22-612015 - Ubuntu 22.04 LTS must accept personal identity verification (PIV) credentials. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
UBTU-22-612025 - Ubuntu 22.04 LTS must electronically verify personal identity verification (PIV) credentials. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
VCSA-70-000059 - The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
VCTR-67-000009 - The vCenter Server must implement Active Directory authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
WBSP-AS-001080 - The WebSphere Application Server must provide security extensions to extend SOAP protocol and provide secure authentication | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
WBSP-AS-001080 - The WebSphere Application Server must provide security extensions to extend SOAP protocol and provide secure authentication | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
WBSP-AS-001090 - The WebSphere Application Server must provide security extensions to extend SOAP protocol and provide secure authentication | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
WBSP-AS-001090 - The WebSphere Application Server must provide security extensions to extend SOAP protocol and provide secure authentication | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN11-SO-000251 - Windows 11 must use multifactor authentication for local and network access to privileged and nonprivileged accounts. | DISA Windows 11 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |