1.1.3 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.1.4 Ensure that 'Allow users to remember multi-factor authentication on devices they trust' is Disabled | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.1.5 Set 'login authentication for 'line tty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.1.6 Set 'login authentication for 'line vty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.5 Ensure That 'Number of methods required to reset' is set to '2' | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.6.3 Configuring Kerberos | CIS Cisco IOS 16 L2 v1.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.8.5 Verify no legacy '+' entries exist in passwd and group files '/etc/group' | CIS HP-UX 11i v1.5 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4.14.4 Secure SMB (Do not allow any anonymous connections) | CIS Apple OSX 10.5 Leopard L2 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.6.3 - NIS - remove NIS markers from password and group files - '/etc/passwd does not include NIS + entries' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.14 Enable server-based authentication | CIS v1.1.0 IBM DB2 v10 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
5.1.9 Ensure SSH HostbasedAuthentication is disabled | CIS Google Container-Optimized OS L1 Server v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1.11 Ensure SSH PermitEmptyPasswords is disabled | CIS Google Container-Optimized OS L1 Server v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.2.3.4 Ensure all member users are 'MFA capable' | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
5.3.3 Ensure authselect includes with-faillock - 'authselect' | CIS Red Hat EL8 Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Amazon Linux v2.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS SUSE Linux Enterprise Workstation 11 L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.3 Ensure no legacy '+' entries exist in /etc/shadow - + entries exist in /etc/shadow | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.4 Ensure no legacy '+' entries exist in /etc/group - + entries exist in /etc/group | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.3 Verify No Legacy '+' Entries Exist in /etc/shadow File | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.4 Verify No Legacy "+" Entries Exist in /etc/group File | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 (L1) Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v2.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
18.10.15.5 Ensure 'Enable OneSettings Auditing' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
Big Sur - Disable Login to Other User's Active and Locked Sessions | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Login to Other User's Active and Locked Sessions | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Password Authentication for SSH | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Centralized authentication - configuration | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Login to Other User's Active and Locked Sessions | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Login to Other User's Active and Locked Sessions | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Login to Other User's Active and Locked Sessions | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Login to Other User's Active and Locked Sessions | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
Monterey - Disable Root Login | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Root Login | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Root Login | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
Network Security - Set the source address for all route engine generated traffic - radius-server | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
Server-supplied privilege level | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
User Authentication Security - Local Authentication - Set the authentication-order to meet your login security policy | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |