CCI|CCI-000764

Title

Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.008 - Shared user accounts are permitted on the system.	Windows	DISA Windows Vista STIG v6r41
4.017 - DOD information system access does not require the use of a password.	Windows	DISA Windows Vista STIG v6r41
4.039 - Built-in Admin Account Status	Windows	DISA Windows Vista STIG v6r41
6.2.3 Ensure all groups in /etc/passwd exist in /etc/group - GIDs referenced in the /etc/passwd file are defined in the /etc/group file.	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIOS-12-011500 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011500 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app.	MDM	AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app.	MDM	MobileIron - DISA Apple iOS 12 v2r1
AIOS-13-011500 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011500 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011600 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011600 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-14-009700 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009700 - Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009800 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009800 - Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app.	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-16-011300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-011300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-011400 - Apple iOS/iPadOS 16 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 16 Mail app.	MDM	MobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-011400 - Apple iOS/iPadOS 16 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 16 Mail app.	MDM	AirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-711300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-16-711300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-16-711400 - Apple iOS/iPadOS 16 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 16 Mail app.	MDM	MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-16-711400 - Apple iOS/iPadOS 16 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 16 Mail app.	MDM	AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-17-011300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-011300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-011400 - Apple iOS/iPadOS 17 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 17 Mail app.	MDM	MobileIron - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-011400 - Apple iOS/iPadOS 17 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 17 Mail app.	MDM	AirWatch - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-711300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIOS-17-711300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync.	MDM	MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-17-711400 - Apple iOS/iPadOS 17 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 17 Mail app.	MDM	MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-17-711400 - Apple iOS/iPadOS 17 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 17 Mail app.	MDM	AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIX7-00-001008 - All accounts on AIX system must have unique account names.	Unix	DISA STIG AIX 7.x v2r9
AIX7-00-001009 - All accounts on AIX must be assigned unique User Identification Numbers (UIDs) and must authenticate organizational and non-organizational users (or processes acting on behalf of these users).	Unix	DISA STIG AIX 7.x v2r9
AIX7-00-001010 - The AIX SYSTEM attribute must not be set to NONE for any account.	Unix	DISA STIG AIX 7.x v2r9
APPL-14-000090 - The macOS system must disable logon to other user's active and locked sessions.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-000100 - The macOS system must disable root logon.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-005052 - The macOS system must configure login window to prompt for username and password.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-15-000090 - The macOS system must disable login to other users' active and locked sessions.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-000100 - The macOS system must disable root login.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002066 - The macOS system must disable unattended or automatic login to the system.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005052 - The macOS system must configure the login window to prompt for username and password.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
Big Sur - Uniquely Identify Users and Processes	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Uniquely Identify Users and Processes	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Uniquely Identify Users and Processes	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Uniquely Identify Users and Processes	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
CASA-VN-000410 - The Cisco ASA remote access VPN server must be configured to identify and authenticate users before granting access to the network.	Cisco	DISA STIG Cisco ASA VPN v2r1
Catalina - Uniquely Identify Users and Processes	Unix	NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Uniquely Identify Users and Processes	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
CD12-00-011500 - PostgreSQL must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).	Unix	DISA STIG Crunchy Data PostgreSQL OS v3r1

Detections

Analytics

CCI|CCI-000764

Title

Reference Item Details

Audit Items