Capacity
CCI-000804
Uniquely identify and authenticate non-organizational users or processes acting on behalf of non-organizational users.
21
Rule
Severity: Medium
Ensure All Accounts on the System Have Unique User IDs
30
Rule
Severity: Medium
Ensure All Accounts on the System Have Unique Names
1
Rule
Severity: Medium
Ensure no duplicate UIDs exist
2
Rule
Severity: Medium
The Anonymous Logon and Everyone groups must not be members of the Pre-Windows 2000 Compatible Access group.
1
Rule
Severity: Medium
Kona Site Defender must not strip origin-defined HTTP session headers.
2
Rule
Severity: Medium
The ALG providing user authentication intermediary services must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: Medium
The application must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
1
Rule
Severity: Medium
The CA API Gateway providing user authentication intermediary services must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
8
Rule
Severity: Medium
The DBMS must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
1
Rule
Severity: Medium
IBM Aspera Faspex must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
1
Rule
Severity: Medium
IBM Aspera Shares must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
1
Rule
Severity: Medium
The DataPower Gateway providing user authentication intermediary services must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
1
Rule
Severity: Medium
CA VM:Secure product NORULE record in the SECURITY CONFIG file must be configured to REJECT.
1
Rule
Severity: Medium
The IBM z/VM TCP/IP ANONYMOU statement must not be coded in FTP configuration.
2
Rule
Severity: Medium
The Juniper SRX Services Gateway VPN must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: Medium
The Mainframe Product must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: Medium
Azure SQL Database must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
1
Rule
Severity: Medium
SharePoint must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
3
Rule
Severity: Medium
SQL Server must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
4
Rule
Severity: Medium
The Tanium application must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
2
Rule
Severity: Medium
The VPN Gateway must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
3
Rule
Severity: Medium
The Ubuntu operating system must uniquely identify interactive users.
3
Rule
Severity: Medium
PostgreSQL must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: Medium
The EDB Postgres Advanced Server must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
2
Rule
Severity: Medium
The operating system must uniquely identify and must authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: High
All accounts on AIX must be assigned unique User Identification Numbers (UIDs) and must authenticate organizational and non-organizational users (or processes acting on behalf of these users).
2
Rule
Severity: Medium
CA-ACF2 defined user accounts must uniquely identify system users.
2
Rule
Severity: Medium
CA-TSS user accounts must uniquely identify system users.
2
Rule
Severity: Medium
IBM RACF user accounts must uniquely identify system users.
2
Rule
Severity: Medium
IBM z/OS startup parameters for the FTP server must have the INACTIVE statement properly set.
2
Rule
Severity: Medium
MarkLogic Server must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: Medium
The MariaDB must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
2
Rule
Severity: Medium
MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
4
Rule
Severity: Medium
The built-in guest account must be disabled.
2
Rule
Severity: Medium
Windows 11 systems must use a BitLocker PIN with a minimum length of six digits for pre-boot authentication.
2
Rule
Severity: Medium
Windows Server 2016 built-in guest account must be disabled.
2
Rule
Severity: Medium
Windows Server 2019 must have the built-in guest account disabled.
2
Rule
Severity: Medium
Windows Server 2022 must have the built-in guest account disabled.
2
Rule
Severity: Medium
OL 8 duplicate User IDs (UIDs) must not exist for interactive users.
2
Rule
Severity: Medium
The MySQL Database Server 8.0 must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2
Rule
Severity: Medium
Redis Enterprise DBMS must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
4
Rule
Severity: Medium
The SUSE operating system must not have duplicate User IDs (UIDs) for interactive users.
2
Rule
Severity: Medium
RHEL 9 duplicate User IDs (UIDs) must not exist for interactive users.
4
Rule
Severity: Medium
Duplicate UIDs must not exist for multiple non-organizational users.
4
Rule
Severity: Medium
The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.
1
Rule
Severity: Medium
The BIG-IP APM module must be configured to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers.
1
Rule
Severity: Medium
The BIG-IP Core implementation must be configured to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) when connecting to virtual servers.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must uniquely identify interactive users.
1
Rule
Severity: Medium
PostgreSQL must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
1
Rule
Severity: High
The F5 BIG-IP appliance providing user authentication intermediary services must uniquely identify and authenticate users using redundant authentication servers and multifactor authentication (MFA).
1
Rule
Severity: Medium
MongoDB must uniquely identify and authenticate nonorganizational users (or processes acting on behalf of nonorganizational users).
1
Rule
Severity: Medium
SLEM 5 must not have duplicate User IDs (UIDs) for interactive users.
1
Rule
Severity: Medium
TOSS duplicate User IDs (UIDs) must not exist for interactive users.
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules