| 1.2.3 Ensure HTTP and Telnet options are disabled for the management interface | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Authentication Profile | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificate Profiles | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificates | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.1 Ensure 'V3' is selected for SNMP polling | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.2 Ensure MFA Delete is enabled on S3 buckets | CIS Amazon Web Services Foundations v4.0.1 L2 | amazon_aws | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 2.2.5 Ensure that A Multi-factor Authentication Policy Exists for All Users | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.2.6 Ensure Multi-factor Authentication is Required for Risky Sign-ins | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.9.3 Ensure SSH Key Authentication is not set for Root Login | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.9.98.1 (L2) Ensure 'Allow Remote Shell Access' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT |
| 18.9.98.1 (L2) Ensure 'Allow Remote Shell Access' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT |
| ALMA-09-033240 - AlmaLinux OS 9 SSHD must accept public key authentication. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Allow Smartcard Authentication | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Allow Smartcard Authentication | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 COPE v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 13 COBO v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 COBO v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 13 COPE v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 14 COBO v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 COPE v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 14 COPE v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Smartcard Authentication | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-020250 - RHEL 8 must implement smart card logon for multifactor authentication for access to interactive accounts. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN11-SO-000251 - Windows 11 must use multifactor authentication for local and network access to privileged and nonprivileged accounts. | DISA Windows 11 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
