Detections
Analytics

CCI|CCI-001948

Title

The information system implements multifactor authentication for remote access to privileged accounts such that one of the factors is provided by a device separate from the system gaining access.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.6.1 - The system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixTenable Fedora Linux Best Practices v2.0.0
1.8.8 Ensure users must authenticate users using MFA via a graphical user logonUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.10 Ensure required packages for multifactor authentication are installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.4.9 Ensure multifactor authentication for access to privileged accounts - PAM.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.4.10 Ensure certificate status checking for PKI authenticationUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AD.1033_2008 - Active directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), PIV-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.WindowsDISA Windows Server 2008 DC STIG v6r47
AD.1033_2008_R2 - Active directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), PIV-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
AIX7-00-003200 - The AIX operating system must use Multi Factor AuthenticationUnixDISA STIG AIX 7.x v2r8
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.licenseUnixDISA STIG AIX 7.x v2r5
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.licenseUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.licenseUnixDISA STIG AIX 7.x v2r1
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.licenseUnixDISA STIG AIX 7.x v2r3
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.baseUnixDISA STIG AIX 7.x v2r3
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.baseUnixDISA STIG AIX 7.x v2r1
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.baseUnixDISA STIG AIX 7.x v2r5
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.baseUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.fallbackUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.fallbackUnixDISA STIG AIX 7.x v2r1
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.fallbackUnixDISA STIG AIX 7.x v2r3
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.fallbackUnixDISA STIG AIX 7.x v2r5
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.pmfamapperUnixDISA STIG AIX 7.x v2r5
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.pmfamapperUnixDISA STIG AIX 7.x v2r1
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.pmfamapperUnixDISA STIG AIX 7.x v2r3
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.pmfamapperUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.usbsmartcardUnixDISA STIG AIX 7.x v2r1
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.usbsmartcardUnixDISA STIG AIX 7.x v2r3
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.usbsmartcardUnixDISA STIG AIX 7.x v2r5
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication - powerscMFA.pam.usbsmartcardUnixDISA STIG AIX 7.x v2r6
AIX7-00-003200 - The AIX operating system must use Multi Factor Authentication.UnixDISA STIG AIX 7.x v2r9
AOSX-14-003025 - The macOS system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.UnixDISA STIG Apple Mac OSX 10.14 v2r4
AOSX-14-003025 - The macOS system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-003025 - The macOS system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.UnixDISA STIG Apple Mac OSX 10.14 v2r1
AOSX-14-003025 - The macOS system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.UnixDISA STIG Apple Mac OSX 10.14 v2r5
APPL-14-001150 - The macOS system must disable password authentication for SSH.UnixDISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-003020 - The macOS system must enforce smart card authentication.UnixDISA Apple macOS 14 (Sonoma) STIG v1r2
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enforce Smartcard AuthenticationUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
F5BI-AP-000195 - The BIG-IP APM must be configured to require multifactor authentication for remote access with privileged accounts.F5DISA F5 BIG-IP Access Policy Manager 11.x STIG V1R1
OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixDISA Oracle Linux 7 STIG v2r5
OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixDISA Oracle Linux 7 STIG v2r9
OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixDISA Oracle Linux 7 STIG v2r14
OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixDISA Oracle Linux 7 STIG v2r13
OL07-00-010061 - The Oracle Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.UnixDISA Oracle Linux 7 STIG v2r4