CCI|CCI-002007

Title

Prohibit the use of cached authenticators after an organization-defined time period.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIOS-18-011500 - Apple iOS/iPadOS 18 must implement the management setting: treat AirDrop as an unmanaged destination.MDMAirWatch - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-011500 - Apple iOS/iPadOS 18 must implement the management setting: treat AirDrop as an unmanaged destination.MDMMobileIron - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-011600 - Apple iOS/iPadOS 18 must implement the management setting: not have any Family Members in Family Sharing.MDMMobileIron - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-011600 - Apple iOS/iPadOS 18 must implement the management setting: not have any Family Members in Family Sharing.MDMAirWatch - DISA Apple iOS/iPadOS 18 v1r1
AIX7-00-001046 - If LDAP authentication is required, AIX must setup LDAP client to refresh user and group caches less than a day.UnixDISA STIG AIX 7.x v3r1
DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - lifetime_minutesUnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-002490 - The Lifetime Minutes and Renewal Threshold Minutes Login Session Controls must be set to 10 and 0 respectively in Docker Enterprise - renewal_threshold_minutesUnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DTOO237 - Outlook - The 'remember password' for internet e-mail accounts must be disabled.WindowsDISA STIG Office 2010 Outlook v1r13
DTOO237 - The remember password for internet e-mail accounts must be disabled.WindowsDISA STIG Microsoft Outlook 2013 v1r13
DTOO237 - The remember password for internet e-mail accounts must be disabled.WindowsDISA STIG Microsoft Outlook 2016 v2r3
EDGE-00-000043 - The Password Manager must be disabled.WindowsDISA STIG Edge v2r2
JUEX-NM-000500 - The Juniper EX switch must be configured to prohibit the use of cached authenticators after an organization-defined time period.JuniperDISA Juniper EX Series Network Device Management v2r2
MADB-10-008300 - MariaDB must prohibit the use of cached authenticators after an organization-defined time period.MySQLDBDISA MariaDB Enterprise 10.x v2r2 DB
MD3X-00-000710 - MongoDB must prohibit the use of cached authenticators after an organization-defined time period.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-005700 - MongoDB must prohibit the use of cached authenticators after an organization-defined time period.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
MYS8-00-010300 - The MySQL Database Server 8.0 must prohibit the use of cached authenticators after an organization-defined time period.MySQLDBDISA Oracle MySQL 8.0 v2r2 DB
OL08-00-020290 - OL 8 must prohibit the use of cached authentications after one day.UnixDISA Oracle Linux 8 STIG v2r2
PHTN-67-000066 - The Photon operating system must prohibit the use of cached authenticators after one day.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
RHEL-08-020290 - RHEL 8 must prohibit the use of cached authentications after one day.UnixDISA Red Hat Enterprise Linux 8 STIG v2r1
RHEL-09-631020 - RHEL 9 must prohibit the use of cached authenticators after one day.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
SLES-12-010670 - If Network Security Services (NSS) is being used by the SUSE operating system it must prohibit the use of cached authentications after one day.UnixDISA SLES 12 STIG v3r1
SLES-12-010680 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day.UnixDISA SLES 12 STIG v3r1
SLES-15-010490 - If Network Security Services (NSS) is being used by the SUSE operating system it must prohibit the use of cached authentications after one day.UnixDISA SLES 15 STIG v2r2
SLES-15-010500 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day.UnixDISA SLES 15 STIG v2r2
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum - coreidBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum - iwaBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum - LDAPBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum - RADIUSBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum - siteminderBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum - xmlBlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
SYMP-AG-000390 - Symantec ProxySG must prohibit the use of cached authenticators after 300 seconds at a minimum.BlueCoatDISA Symantec ProxySG Benchmark ALG v1r3
UBTU-16-010690 - Pluggable Authentication Module (PAM) must prohibit the use of cached authentications after one day.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010030 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.UnixDISA STIG Ubuntu 18.04 LTS v2r15
UBTU-20-010441 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.UnixDISA STIG Ubuntu 20.04 LTS v2r1
UBTU-22-631015 - Ubuntu 22.04 LTS must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
WBSP-AS-001210 - The WebSphere Application Server must prohibit the use of cached authenticators after an organization-defined time period.UnixDISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-001210 - The WebSphere Application Server must prohibit the use of cached authenticators after an organization-defined time period.UnixDISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WBSP-AS-001210 - The WebSphere Application Server must prohibit the use of cached authenticators after an organization-defined time period.WindowsDISA IBM WebSphere Traditional 9 Windows STIG v1r1