Detections
Analytics

800-53|IA-2(2)

Title

NETWORK ACCESS TO NON-PRIVILEGED ACCOUNTS

Description

The information system implements multifactor authentication for network access to non-privileged accounts.

Reference Item Details

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: IDENTIFICATION AND AUTHENTICATION (ORGANIZATIONAL USERS)

Family: IDENTIFICATION AND AUTHENTICATION

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.10.2 Set 'Network access: Allow anonymous SID/Name translation' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.4 Configure 'Network access: Named Pipes that can be accessed anonymously'WindowsCIS Windows 8 L1 v1.0.0
1.2 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service AccountsGCPCIS Google Cloud Platform v3.0.0 L1
5.1.9 Ensure SSH HostbasedAuthentication is disabledUnixCIS Google Container-Optimized OS v1.2.0 L1 Server
5.1.11 Ensure SSH PermitEmptyPasswords is disabledUnixCIS Google Container-Optimized OS v1.2.0 L1 Server
6.6 Ensure ALL Events are Audited - audit_log_filterMySQLDBCIS MySQL 5.7 Enterprise Database L2 v2.0.0
6.6 Ensure ALL Events are Audited - audit_log_userMySQLDBCIS MySQL 5.7 Enterprise Database L2 v2.0.0
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication.UnixDISA STIG AIX 7.x v3r1
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Allow Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce multifactor authentication for network access to non-privileged accountsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enforce Smartcard AuthenticationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Allow Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce multifactor authentication for network access to non-privileged accountsUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
F5BI-AP-000079 - The BIG-IP APM module must use multifactor authentication for network access to non-privileged accounts.F5DISA F5 BIG-IP Access Policy Manager STIG v2r3
GEN005527 - The SSH daemon must not allow host-based authentication.UnixDISA STIG for Oracle Linux 5 v2r1
GEN005527 - The SSH daemon must not allow host-based authentication.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
Monterey - Allow Smartcard AuthenticationUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Allow Smartcard AuthenticationUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Allow Smartcard AuthenticationUnixNIST macOS Monterey v1.0.0 - All Profiles