1.1.5 Set 'login authentication for 'line tty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.1.6 Set 'login authentication for 'line vty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - server | CIS Cisco Firewall ASA 8 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | CIS Cisco Firewall ASA 8 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctly | CIS Cisco Firewall ASA 8 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.4.3.6 Ensure 'aaa authentication telnet console' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.6.3 Configuring Kerberos | CIS Cisco IOS 16 L2 v1.1.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
1.8.5 Verify no legacy '+' entries exist in passwd and group files '/etc/group' | CIS HP-UX 11i v1.5 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.4.14.4 Secure SMB (Do not allow any anonymous connections) | CIS Apple OSX 10.5 Leopard L2 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.6.3 - NIS - remove NIS markers from password and group files - '/etc/passwd does not include NIS + entries' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.08 Listener password - 'Use OS Authentication' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.13 Enable server-based authentication | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.14 Enable server-based authentication | CIS v1.1.0 IBM DB2 v10 Linux OS Level 2 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.14 Enable server-based authentication | CIS v1.1.0 IBM DB2 v10 Windows OS Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
3.1.14 Enable server-based authentication | CIS v1.1.0 IBM DB2 v10 Linux OS Level 1 | Unix | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
3.1.16 Enable server-based authentication | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
3.4 - Anonymous Bind on LDAP server should be disabled | TNS Oracle WebLogic Server 10 Linux Best Practices | Unix | IDENTIFICATION AND AUTHENTICATION |
4.2 Authorization - 'allow users' | CIS IIS 6.0 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
4.4 Authentication | CIS IIS 6.0 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
4.4.2.5 Ensure pam_unix module is enabled | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Amazon Linux v2.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.3 Ensure no legacy '+' entries exist in /etc/shadow - + entries exist in /etc/shadow | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2.4 Ensure no legacy '+' entries exist in /etc/group - + entries exist in /etc/group | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
13.3 Verify No Legacy '+' Entries Exist in /etc/shadow File | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
20.11 Ensure 'Active Directory user accounts are configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT)' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
20.58 Ensure 'Shared user accounts do not exist' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
Centralized authentication - configuration | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
ESXi: auth-validate-interval | TNS VMWare vSphere Best Practices | VMware | IDENTIFICATION AND AUTHENTICATION |
Fortigate - AAA - TACACS+ server is trusted | TNS Fortigate FortiOS Best Practices | FortiGate | IDENTIFICATION AND AUTHENTICATION |
HP ProCurve - 'Privilege mode is configured' | TNS HP ProCurve | HPProCurve | IDENTIFICATION AND AUTHENTICATION |
Huawei: User Interfaces are Authenticated | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
NET0433 - Device not authenticated by AAA server - 'aaa authentication login' | DISA STIG Cisco Perimeter Router v8r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0433 - Device not authenticated by AAA server - 'tacacs-server host(s) - more than 2 hosts exist' | DISA STIG Cisco Perimeter Router v8r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0433 - Device not authenticated by AAA server - 'tacacs-server host(s) - second IP' | DISA STIG Cisco Perimeter Router v8r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
Network Security - Set the source address for all route engine generated traffic - radius-server | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
PCI 2.2.4 Verify common security parameter settings - Verify No Legacy '+' entries exist in '/etc/passwd' | PCI DSS 2.0/3.0 - Red Hat Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
Require Authentication - DB Users - 'User authenticated by Kerberos' | TNS MongoDB 2.x Best Practices Database Audit v1.0 | MongoDB | IDENTIFICATION AND AUTHENTICATION |
Require Authentication - DB Users - 'User authenticated by LDAP' | TNS MongoDB 2.x Best Practices Database Audit v1.0 | MongoDB | IDENTIFICATION AND AUTHENTICATION |
ScreenOS:Authorization Server - Name | TNS Juniper ScreenOS Best Practices Audit | Juniper | IDENTIFICATION AND AUTHENTICATION |
ScreenOS:Authorization Server - Type | TNS Juniper ScreenOS Best Practices Audit | Juniper | IDENTIFICATION AND AUTHENTICATION |
Server-supplied privilege level | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
User Authentication Security - Local Authentication - Set the authentication-order to meet your login security policy | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |