800-53|IA-5(11)

Title

HARDWARE TOKEN-BASED AUTHENTICATION

Description

The information system, for hardware token-based authentication, employs mechanisms that satisfy [Assignment: organization-defined token quality requirements].

Supplemental

Hardware token-based authentication typically refers to the use of PKI-based tokens, such as the U.S. Government Personal Identity Verification (PIV) card. Organizations define specific requirements for tokens, such as working with a particular PKI.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: AUTHENTICATOR MANAGEMENT

Family: IDENTIFICATION AND AUTHENTICATION

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.3.6.3 Configure 'Interactive logon: Require smart card'	Windows	CIS Windows 8 L1 v1.0.0
1.2.4.2.1.16 Set 'Require use of smart cards on fixed data drives' to 'True'	Windows	CIS Windows 8 L1 v1.0.0
1.2.4.2.3.15 Set 'Configure use of smart cards on removable data drives' to 'Enabled'	Windows	CIS Windows 8 L1 v1.0.0
1.2.4.2.3.16 Set 'Require use of smart cards on removable data drives' to 'True'	Windows	CIS Windows 8 L1 v1.0.0
5.18 Install an approved tokend for smartcard authentication	Unix	CIS Apple OSX 10.9 L2 v1.3.0
5.19 Install an approved tokend for smartcard authentication	Unix	CIS Apple OSX 10.11 El Capitan L2 v1.1.0
Ensure that multi-factor authentication is enabled for all accounts	Rackspace	Tenable Best Practices RackSpace v2.0.0

Detections

Analytics