Detections
Analytics

800-53|IA-5(13)

Title

EXPIRATION OF CACHED AUTHENTICATORS

Description

The information system prohibits the use of cached authenticators after [Assignment: organization-defined time period].

Reference Item Details

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: AUTHENTICATOR MANAGEMENT

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.6.5 Set 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' to '4 or fewer logon(s)'WindowsCIS Windows 8 L1 v1.0.0
1.1.23 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.23 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.2.4.5.5 Set 'Do not allow passwords to be saved' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
3.1.16 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
3.1.16 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
5.5 Ensure login keychain is locked when the computer sleepsUnixCIS Apple OSX 10.11 El Capitan L2 v1.1.0
5.5 Ensure login keychain is locked when the computer sleepsUnixCIS Apple OSX 10.10 Yosemite L2 v1.2.0
5.5 NFS - 'wafl.wcc_minutes_valid has been configured'NetAppTNS NetApp Data ONTAP 7G
5.6 Ensure login keychain is locked when the computer sleepsUnixCIS Apple macOS 10.12 L2 v1.2.0
AIOS-18-011500 - Apple iOS/iPadOS 18 must implement the management setting: treat AirDrop as an unmanaged destination.MDMAirWatch - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-011500 - Apple iOS/iPadOS 18 must implement the management setting: treat AirDrop as an unmanaged destination.MDMMobileIron - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-011600 - Apple iOS/iPadOS 18 must implement the management setting: not have any Family Members in Family Sharing.MDMMobileIron - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-011600 - Apple iOS/iPadOS 18 must implement the management setting: not have any Family Members in Family Sharing.MDMAirWatch - DISA Apple iOS/iPadOS 18 v1r1
AIX7-00-001046 - If LDAP authentication is required, AIX must setup LDAP client to refresh user and group caches less than a day.UnixDISA STIG AIX 7.x v3r1
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable FileVault Automatic LoginUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Password AutofillUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Unattended or Automatic Logon to the SystemUnixNIST macOS Big Sur v1.4.0 - 800-171
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Disable FileVault Automatic LoginUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low