| AIX7-00-001012 - AIX must use the SSH server to implement replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-13-000570 - The macOS system must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-000040 - The macOS system must use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications, when used for nonlocal maintenance sessions - OpenSSH Version | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| AOSX-14-000040 - The macOS system must use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications, when used for nonlocal maintenance sessions - SSHD currently running | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| AOSX-14-000040 - The macOS system must use replay-resistant authentication mechanisms and implement cryptographic mechanisms to protect the integrity of and verify remote disconnection at the termination of nonlocal maintenance and diagnostic communications, when used for nonlocal maintenance sessions - SSHD service disabled | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-14-000080 - The macOS system must enable SSH server for remote access sessions. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-001150 - The macOS system must disable password authentication for SSH. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-14-003020 - The macOS system must enforce smart card authentication. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003030 - The macOS system must allow smart card authentication. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003050 - The macOS system must enforce multifactor authentication for logon. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003051 - The macOS system must enforce multifactor authentication for the su command. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003052 - The macOS system must enforce multifactor authentication for privilege escalation through the sudo command. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-001150 - The macOS system must disable password authentication for SSH. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-15-003030 - The macOS system must allow smart card authentication. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003050 - The macOS system must enforce multifactor authentication for login. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003051 - The macOS system must enforce multifactor authentication for the su command. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003052 - The macOS system must enforce multifactor authentication for privilege escalation through the sudo command. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Password Authentication for SSH | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-ND-001200 - The Cisco switch must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-ND-001200 - The Cisco switch must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| ESXI-67-000037 - The ESXi host must use Active Directory for local user authentication. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-67-000038 - ESXi hosts using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-67-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000037 - The ESXi host must use Active Directory for local user authentication. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-80-000049 The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory. | DISA VMware vSphere 8.0 ESXi STIG v2r1 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Disable Password Authentication for SSH | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-030200 - The Ubuntu operating system must enforce SSHv2 for network access to all accounts. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010412 - The Ubuntu operating system must enforce SSHv2 for network access to all accounts. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN12-AC-000014-DC - The computer clock synchronization tolerance must be limited to 5 minutes or less. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000020 - Kerberos user logon restrictions must be enforced. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000030 - The Kerberos service ticket maximum lifetime must be limited to 600 minutes or less. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000040 - The Kerberos user ticket lifetime must be limited to 10 hours or less. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000050 - The Kerberos policy user ticket renewal maximum lifetime must be limited to seven days or less. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000060 - The computer clock synchronization tolerance must be limited to 5 minutes or less. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000030 - Windows Server 2019 Kerberos service ticket maximum lifetime must be limited to 600 minutes or less. | DISA Windows Server 2019 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000040 - Windows Server 2019 Kerberos user ticket lifetime must be limited to 10 hours or less. | DISA Windows Server 2019 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000050 - Windows Server 2019 Kerberos policy user ticket renewal maximum lifetime must be limited to seven days or less. | DISA Windows Server 2019 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000060 - Windows Server 2019 computer clock synchronization tolerance must be limited to five minutes or less. | DISA Windows Server 2019 STIG v3r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
