800-53|IA-3(1)

Title

CRYPTOGRAPHIC BIDIRECTIONAL AUTHENTICATION

Description

The information system authenticates [Assignment: organization-defined specific devices and/or types of devices] before establishing [Selection (one or more): local; remote; network] connection using bidirectional authentication that is cryptographically based.

Supplemental

A local connection is any connection with a device communicating without the use of a network. A network connection is any connection with a device that communicates through a network (e.g., local area or wide area network, Internet). A remote connection is any connection with a device communicating through an external network (e.g., the Internet). Bidirectional authentication provides stronger safeguards to validate the identity of other devices for connections that are of greater risk (e.g., remote connections).

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: SC-12,SC-13,SC-8

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: DEVICE IDENTIFICATION AND AUTHENTICATION

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.9.1.1 Ensure 'NTP authentication' is enabled	Cisco	CIS Cisco Firewall v8.x L1 v4.2.0
1.11 Ensure Web Tier ELB is using HTTPS listener	amazon_aws	CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0
1.14 Ensure App Tier ELB is using HTTPS listener	amazon_aws	CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0
1.101 WN16-CC-000080	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.101 WN16-CC-000080	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.101 WN19-CC-000070	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.101 WN19-CC-000070	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.102 WN16-CC-000090	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.102 WN16-CC-000090	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.102 WN19-CC-000080	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.102 WN19-CC-000080	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.132 WN10-CC-000165	Windows	CIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.176 WN16-DC-000320	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.177 WN19-DC-000320	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.194 WN22-MS-000040	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.211 WN16-SO-000080	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.211 WN16-SO-000080	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.212 WN16-SO-000090	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.212 WN16-SO-000090	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.213 WN16-SO-000100	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.213 WN16-SO-000100	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.213 WN19-SO-000060	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.213 WN19-SO-000060	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.214 WN19-SO-000070	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.214 WN19-SO-000070	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.215 WN19-SO-000080	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.215 WN19-SO-000080	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.216 WN16-SO-000130	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.216 WN16-SO-000130	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.216 WN22-SO-000090	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.216 WN22-SO-000090	Windows	CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.218 WN19-SO-000110	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.218 WN19-SO-000110	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.221 WN16-SO-000190	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.221 WN16-SO-000190	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.222 WN16-SO-000200	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.222 WN16-SO-000200	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.223 WN19-SO-000160	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.223 WN19-SO-000160	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.224 WN16-SO-000230	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.224 WN16-SO-000230	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.224 WN19-SO-000170	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.224 WN19-SO-000170	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.225 WN16-SO-000240	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.225 WN16-SO-000240	Windows	CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.226 WN19-SO-000190	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.226 WN19-SO-000190	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.227 WN19-SO-000200	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.227 WN19-SO-000200	Windows	CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'	Windows	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS

Detections

Analytics