| 1.1.1 Ensure that the --anonymous-auth argument is set to false | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Ensure that the --insecure-allow-any-token argument is not set | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure Authentication is configured | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1.1.1.4 Set 'seconds' for 'ip ssh timeout' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 2.1.1.1.5 Set maximum value for 'ip ssh authentication-retries' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 2.1.2 Ensure that the --anonymous-auth argument is set to false | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.1.1 (L1) Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.5 (L1) Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.6 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.6 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.6 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.7 (L1) Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.7 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is configured (MS only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.8 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.8 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.2 L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.11 Ensure that authorization for Docker client commands is enabled | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.1.3 Ensure that the --insecure-allow-any-token argument is not set | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.1.3 Ensure that the --insecure-allow-any-token argument is not set | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure Active Directory is used for local user authentication - Enabled = 'true' | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.4.1.1 Ensure latest version of pam is installed | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.1.1 Ensure latest version of pam is installed | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.1 Ensure latest version of pam is installed | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.1 Ensure latest version of pam is installed | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.1 Ensure latest version of pam is installed | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.1.1 Ensure latest version of pam is installed | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Debian 9 Server L1 v1.0.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Debian 9 Workstation L1 v1.0.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.4 Ensure no legacy '+' entries exist in /etc/group | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.6.7 Ensure Remote Login Class for Authorization through External AAA - remote class | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.13 Ensure SSH Key Authentication is Disabled | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.8.37.1 Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.8.37.2 Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Login | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for Privilege Escalation Through the sudo Command | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Enforce Multifactor Authentication for the su Command | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Restrict Unauthenticated RPC clients | MSCT Windows 10 v20H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Restrict Unauthenticated RPC clients | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Restrict Unauthenticated RPC clients | MSCT Windows Server v20H2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
