Detections
Analytics

800-53|IA-11

Title

RE-AUTHENTICATION

Description

The organization requires users and devices to re-authenticate when [Assignment: organization-defined circumstances or situations requiring re-authentication].

Supplemental

In addition to the re-authentication requirements associated with session locks, organizations may require re-authentication of individuals and/or devices in other situations including, for example: (i) when authenticators change; (ii), when roles change; (iii) when security categories of information systems change; (iv), when the execution of privileged functions occurs; (v) after a fixed period of time; or (vi) periodically.

Reference Item Details

Related: AC-11

Category: IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Priority: P0

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.64 UBTU-24-300021UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.66 OL08-00-010380UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.67 OL08-00-010381UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.70 OL08-00-010384UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.71 OL08-00-010385UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.88 UBTU-22-432010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.127 WN22-CC-000340WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.127 WN22-CC-000340WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.129 WN10-CC-000145WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.129 WN22-CC-000360WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.129 WN22-CC-000360WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.130 WN10-CC-000150WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.134 APPL-14-004022UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.138 APPL-14-004060UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.145 WN22-CC-000520WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.145 WN22-CC-000520WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.156 WN10-CC-000270WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.158 WN10-CC-000280WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.174 WN10-CC-000355WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.223 WN10-SO-000245WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.226 WN10-SO-000255WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.229 WN10-SO-000270WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.245 WN22-SO-000380WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.245 WN22-SO-000380WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.248 WN22-SO-000410WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.248 WN22-SO-000410WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.251 WN22-SO-000440WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.251 WN22-SO-000440WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.305 RHEL-09-432015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.307 RHEL-09-432025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.309 RHEL-09-432035UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.326 RHEL-09-611085UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.337 RHEL-09-611145UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
3.070 - The system is configured to permit storage of credentials or .NET Passports.WindowsDISA Windows Vista STIG v6r41
3.129 - User Account Control - Built In Admin Approval ModeWindowsDISA Windows Vista STIG v6r41
3.131 - User Account Control - Behavior of elevation prompt for standard users.WindowsDISA Windows Vista STIG v6r41
3.137 - User Account Control - Run all admins in Admin Approval ModeWindowsDISA Windows Vista STIG v6r41
5.2.4 Ensure users must provide password for escalationUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.2.4 Ensure users must provide password for escalationUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
5.2.4.1 (L1) Ensure 'Self service password reset enabled' is set to 'All'microsoft_azureCIS Microsoft 365 Foundations v6.0.0 L1 E3
5.2.4.1 (L1) Ensure 'Self service password reset enabled' is set to 'All'microsoft_azureCIS Microsoft 365 Foundations v6.0.0 L1 E5
5.2.5 Ensure users must re-authenticate for privilege escalationUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.2.5 Ensure users must re-authenticate for privilege escalationUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
5.2.6 Ensure sudo timestamp_timeout is configuredUnixCIS AlmaLinux OS 8 v4.0.0 L1 Workstation
5.2.6 Ensure sudo timestamp_timeout is configuredUnixCIS Red Hat Enterprise Linux 10 v1.0.1 L1 Workstation
5.2.6 Ensure sudo timestamp_timeout is configuredUnixCIS Rocky Linux 10 v1.0.0 L1 Server
5.2.6 Ensure sudo timestamp_timeout is configuredUnixCIS AlmaLinux OS 10 v1.0.0 L1 Workstation
5.2.11 Ensure pam_succeed_if does not exist in /etc/pam.d/sudoUnixCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG
5.042 - Terminal Services is not configured to always prompt a client for passwords upon connection.WindowsDISA Windows Vista STIG v6r41
5.116 - Terminal Services / Remote Desktop Service - Prevent password saving in the Remote Desktop ClientWindowsDISA Windows Vista STIG v6r41