CCI|CCI-001958

Title

Authenticate organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.27 Disable AutomountingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - /bin/trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - blacklistUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automountUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount-openUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount-open=falseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount=falseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - autorun-neverUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
3.4.1 Ensure DCCP is disabled - blacklist dccpUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
3.4.1 Ensure DCCP is disabled - dccp /bin/trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-003090 - If automated file system mounting tool is not required on AIX, it must be disabled.UnixDISA STIG AIX 7.x v3r1
AMLS-L2-000160 - The Arista Multilayer Switch must authenticate 802.1X connected devices before establishing any connection - aaa auth dot1x default group radiusAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r3
AMLS-L2-000160 - The Arista Multilayer Switch must authenticate 802.1X connected devices before establishing any connection - dot1x system-auth-controlAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r3
AOSX-14-002069 - The macOS system must authenticate peripherals before establishing a connection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002069 - The macOS system must authenticate peripherals before establishing a connection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-002069 - The macOS system must authenticate peripherals before establishing a connection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-002069 - The macOS system must authenticate peripherals before establishing a connection.UnixDISA STIG Apple macOS 11 v1r5
APPL-14-005090 - The macOS system must authorize USB devices before allowing connection.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-005090 - The macOS system must authorize USB devices before allowing connection.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection.AristaDISA STIG Arista MLS EOS 4.2x L2S v2r1
Big Sur - Must authenticate peripherals before establishing a connectionUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Must authenticate peripherals before establishing a connectionUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Must authenticate peripherals before establishing a connectionUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Must authenticate peripherals before establishing a connectionUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Must authenticate peripherals before establishing a connectionUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Must authenticate peripherals before establishing a connectionUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Must authenticate peripherals before establishing a connectionUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Must authenticate peripherals before establishing a connectionUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Must authenticate peripherals before establishing a connectionUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Must authenticate peripherals before establishing a connectionUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Must authenticate peripherals before establishing a connectionUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Must authenticate peripherals before establishing a connectionUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Require Administrator Password to Modify System-Wide PreferencesUnixNIST macOS Catalina v1.5.0 - 800-171
CISC-L2-000020 - The Cisco switch must uniquely identify and authenticate all network-connected endpoint devices before establishing any connection.CiscoDISA STIG Cisco IOS XE Switch L2S v3r1
CISC-L2-000020 - The Cisco switch must uniquely identify and authenticate all network-connected endpoint devices before establishing any connection.CiscoDISA STIG Cisco IOS Switch L2S v3r1
CISC-L2-000080 - The Cisco switch must authenticate all endpoint devices before establishing any connection.CiscoDISA STIG Cisco NX-OS Switch L2S v3r2
CISC-RT-000910 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to authenticate all received MSDP packets.CiscoDISA STIG Cisco IOS XE Router RTR v3r2
CISC-RT-000910 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to authenticate all received MSDP packets.CiscoDISA STIG Cisco IOS-XR Router RTR v3r2
CISC-RT-000910 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to authenticate all received MSDP packets.CiscoDISA STIG Cisco IOS Router RTR v3r2
CISC-RT-000910 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to authenticate all received MSDP packets.CiscoDISA STIG Cisco NX-OS Switch RTR v3r2
CISC-RT-000910 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to authenticate all received MSDP packets.CiscoDISA STIG Cisco IOS XE Switch RTR v3r1