Detections
Analytics

CCI|CCI-004047

Title

Implement multi-factor authentication for local; network; and/or remote access to privileged accounts; and/or non-privileged accounts such that the device meets organization-defined strength of mechanism requirements.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
APPL-14-003050 - The macOS system must enforce multifactor authentication for logon.UnixDISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-003051 - The macOS system must enforce multifactor authentication for the su command.UnixDISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-003052 - The macOS system must enforce multifactor authentication for privilege escalation through the sudo command.UnixDISA Apple macOS 14 (Sonoma) STIG v2r1
JUEX-NM-000640 - The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.JuniperDISA Juniper EX Series Network Device Management v2r1
JUSX-DM-000095 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access.JuniperDISA Juniper SRX Services Gateway NDM v3r1
OL08-00-010390 - OL 8 must have the package required for multifactor authentication installed.UnixDISA Oracle Linux 8 STIG v2r1
OL08-00-010400 - OL 8 must implement certificate status checking for multifactor authentication.UnixDISA Oracle Linux 8 STIG v2r1
OL08-00-020250 - OL 8 must implement multifactor authentication for access to interactive accounts.UnixDISA Oracle Linux 8 STIG v2r1
RHEL-09-611165 - RHEL 9 must enable certificate based smart card authentication.UnixDISA Red Hat Enterprise Linux 9 STIG v2r1
SLES-15-020030 - The SUSE operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).UnixDISA SLES 15 STIG v2r1
SPLK-CL-000045 - Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.SplunkDISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API
SPLK-CL-000490 - Splunk Enterprise must accept the DOD CAC or other PKI credential for identity management and personal authentication.SplunkDISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API
TCAT-AS-001320 - Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.UnixDISA STIG Apache Tomcat Application Server 9 v3r1 Middleware
UBTU-22-612010 - Ubuntu 22.04 LTS must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r1
UBTU-22-612020 - Ubuntu 22.04 LTS must implement smart card logins for multifactor authentication for local and network access to privileged and nonprivileged accounts.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r1