800-53|IA-5(7)

Title

NO EMBEDDED UNENCRYPTED STATIC AUTHENTICATORS

Description

The organization ensures that unencrypted static authenticators are not embedded in applications or access scripts or stored on function keys.

Supplemental

Organizations exercise caution in determining whether embedded or stored authenticators are in encrypted or unencrypted form. If authenticators are used in the manner stored, then those representations are considered unencrypted authenticators. This is irrespective of whether that representation is perhaps an encrypted version of something else (e.g., a password).

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: IDENTIFICATION AND AUTHENTICATION

Parent Title: AUTHENTICATOR MANAGEMENT

Family: IDENTIFICATION AND AUTHENTICATION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.5.1 - Removal of .rhosts and .netrc files - .netrc	Unix	CIS AIX 5.3/6.1 L2 v1.1.0
4.4.4 Removal of .rhosts and .netrc files	Unix	CIS IBM AIX 7.2 L2 v1.1.0
6.2.12 Ensure no users have .netrc files	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
6.2.12 Ensure no users have .netrc files	Unix	CIS Amazon Linux v2.1.0 L1
6.2.12 Ensure no users have .netrc files	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
8.10 Remove User .netrc Files, should fail if .netrc file exists in a home directory.	Unix	CIS Solaris 9 v1.3
9.19 Check for Presence of User .netrc Files	Unix	CIS Solaris 11.2 L1 v1.1.0
9.20 Check for Presence of User .netrc Files	Unix	CIS Solaris 11 L1 v1.1.0
9.20 Check for Presence of User .netrc Files	Unix	CIS Solaris 11.1 L1 v1.0.0
9.20 Check for presence of user .netrc files - Checks for the presence of .netrc files in home directories.	Unix	CIS Solaris 10 L1 v5.2
13.18 Check for Presence of User .netrc Files	Unix	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
13.18 Check for Presence of User .netrc Files	Unix	CIS Debian Linux 7 L1 v1.0.0

Detections

Analytics