CCI-000768
The information system implements multifactor authentication for local access to non-privileged accounts.
Common Access Card (CAC)-based authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
2 rules found Severity: Medium
Multi-factor authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
1 rule found Severity: Medium
The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts.
1 rule found Severity: High
The Ubuntu operating system must implement smart card logins for multifactor authentication for access to accounts.
1 rule found Severity: Medium
2 rules found Severity: High
The macOS system must use multifactor authentication for local access to privileged and nonprivileged accounts.
1 rule found Severity: High
The Ubuntu operating system must implement smart card logins for multifactor authentication for local and network access to privileged and nonprivileged accounts.
1 rule found Severity: Medium
1 rule found Severity: Medium
Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.
1 rule found Severity: Medium
The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.
1 rule found Severity: Medium
SLEM 5 must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).
1 rule found Severity: Medium
Multifactor authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
2 rules found Severity: Medium
1 rule found Severity: Medium
The macOS system must enforce multifactor authentication for privilege escalation through the sudo command.
1 rule found Severity: Medium
The application must use multifactor (e.g., CAC, Alt. Token) authentication for local access to nonprivileged accounts.
1 rule found Severity: Medium
Ubuntu 22.04 LTS must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.
1 rule found Severity: Medium
Ubuntu 22.04 LTS must implement smart card logins for multifactor authentication for local and network access to privileged and nonprivileged accounts.
1 rule found Severity: Medium
1 rule found Severity: Medium
Windows Server 2019 Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.
1 rule found Severity: Medium
Windows Server 2022 Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alternate Logon Token (ALT) for user authentication.
1 rule found Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.
1 rule found Severity: Medium
1 rule found Severity: Medium