CCI|CCI-000213

Title

Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.4.3 Ensure authentication required for single user mode	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.008 - Local volumes are not formatted using NTFS.	Windows	DISA Windows Vista STIG v6r41
3.027 - Printer share permissions are not configured as recommended.	Windows	DISA Windows Vista STIG v6r41
APPL-14-002001 - The macOS system must disable Server Message Block sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002003 - The macOS system must disable Network File System service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002006 - The macOS system must disable Unix-to-Unix Copy Protocol service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002008 - The macOS system must disable the built-in web server.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002009 - The macOS system must disable AirDrop.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002038 - The macOS system must disable Trivial File Transfer Protocol service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002100 - The macOS system must disable Media Sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002110 - The macOS system must disable Bluetooth sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005058 - The macOS system must disable Handoff.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-002001 - The macOS system must disable Server Message Block (SMB) sharing.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002003 - The macOS system must disable Network File System (NFS) service.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002008 - The macOS system must disable the built-in web server.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002009 - The macOS system must disable AirDrop.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002038 - The macOS system must disable Trivial File Transfer Protocol (TFTP) service.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002100 - The macOS system must disable Media Sharing.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002110 - The macOS system must disable Bluetooth Sharing.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005058 - The macOS system must disable Handoff.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_module	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions.	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module	Windows	DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocol	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocol	Windows	DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enforce Approved Authorization for Logical Access	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Low
CNTR-K8-000270 - The Kubernetes API Server must enable Node,RBAC as the authorization mode.	Unix	DISA STIG Kubernetes v2r2
CNTR-K8-000300 - The Kubernetes Scheduler must have secure binding.	Unix	DISA STIG Kubernetes v2r2
CNTR-K8-000310 - The Kubernetes Controller Manager must have secure binding.	Unix	DISA STIG Kubernetes v2r2
CNTR-K8-000320 - The Kubernetes API server must have the insecure port flag disabled.	Unix	DISA STIG Kubernetes v2r2
CNTR-K8-000340 - The Kubernetes API server must have the insecure bind address not set.	Unix	DISA STIG Kubernetes v2r2
CNTR-K8-000350 - The Kubernetes API server must have the secure port set.	Unix	DISA STIG Kubernetes v2r2
CNTR-K8-000360 - The Kubernetes API server must have anonymous authentication disabled.	Unix	DISA STIG Kubernetes v2r2

Detections

Analytics

CCI|CCI-000213

Title

Reference Item Details

Audit Items