| 1.1.5 Set 'login authentication for 'line tty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.1.6 Set 'login authentication for 'line vty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - host | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.5.4 Ensure Radius or TACACS+ server is configured - tacacs-servers state on | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | IDENTIFICATION AND AUTHENTICATION |
| 2.6.3 - NIS - remove NIS markers from password and group files - '/etc/group does not include NIS + entries' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.13 Set 'Allow access to voicemail without requiring a PIN' to 'False' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
| 3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
| 3.1.16 Enable server-based authentication - 'srvcon_auth = server' | CIS IBM DB2 OS L2 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Use Active Directory for local user authentication - Enabled = 'true' | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Use Active Directory for local user authentication - Review Domain | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.4.1.3 NIS - remove NIS markers from password and group files | CIS IBM AIX 7.2 L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.2.5 Ensure pam_unix module is enabled | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1.2 Ensure usernames and UIDs are unique | CIS IBM AIX 7 v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.2.5 Ensure pam_unix module is enabled | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4 CIFS - 'ldap.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd - + entries exist in /etc/passwd | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 13.2 Verify No Legacy "+" Entries Exist in /etc/passwd File | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 13.3 Verify No Legacy '+' Entries Exist in /etc/shadow File | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Enable aaa | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| ESXi : enable-ad-auth | VMWare vSphere 6.0 Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : enable-ad-auth | VMWare vSphere 5.X Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : enable-ad-auth | VMWare vSphere 6.5 Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| External authentication is disabled | TNS Citrix Hypervisor | Unix | IDENTIFICATION AND AUTHENTICATION |
| FireEye - AAA is enabled | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - AAA tries local authentication first | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - AAA - RADIUS server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Enable AAA authorization | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Remote Sign-On Control (QRMTSIGN) - '*REJECT' | IBM System i Security Reference for V7R2 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Admin Authentication Order | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Admin Authentication Order | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Authentication Order | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Authentication Order | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Server IP | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Server IP | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Restrict Unauthenticated RPC clients | MSCT Windows 10 v22H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Restrict Unauthenticated RPC clients | MSCT Windows 11 v23H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Restrict Unauthenticated RPC clients | MSCT Windows Server 2022 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| SNMP: configure access groups to use privacy | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| WatchGuard : LDAP Server Name | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
