CCI-001953
Accepts Personal Identity Verification-compliant credentials.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
The WebSphere Application Server multifactor authentication for network access to privileged accounts must be used.
1 rule found Severity: Medium
WebGUI access to the MQ Appliance network device must accept Personal Identity Verification (PIV) credentials.
1 rule found Severity: Medium
1 rule found Severity: Low
2 rules found Severity: Medium
Nutanix AOS must accept Personal Identity Verification (PIV) credentials to access the management interface.
1 rule found Severity: Medium
Innoslate must use multifactor authentication for network access to privileged and non-privileged accounts.
1 rule found Severity: High
Common Access Card (CAC)-based authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
2 rules found Severity: Medium
Multi-factor authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
1 rule found Severity: Medium
The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.
1 rule found Severity: Medium
2 rules found Severity: Medium
The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must have the required packages for multifactor authentication installed.
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).
1 rule found Severity: Medium
The Red Hat Enterprise Linux operating system must implement certificate status checking for PKI authentication.
1 rule found Severity: Medium
1 rule found Severity: Medium
The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DOD PKI-established certificate authorities for verification of the establishment of protected sessions.
1 rule found Severity: Medium
The Cisco VPN remote access server must be configured to accept Common Access Card (CAC) credential credentials.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Low
1 rule found Severity: Medium
The Oracle Linux operating system must have the required packages for multifactor authentication installed.
1 rule found Severity: Medium
The Oracle Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).
1 rule found Severity: Medium
The Oracle Linux operating system must implement certificate status checking for PKI authentication.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
SLEM 5 must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).
1 rule found Severity: Medium
1 rule found Severity: Medium
Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.
1 rule found Severity: Medium
Splunk Enterprise must accept the DOD CAC or other PKI credential for identity management and personal authentication.
1 rule found Severity: High
Multifactor authentication must be enabled and enforced on the Tanium Server for all access and all accounts.
1 rule found Severity: Medium
1 rule found Severity: Medium
NixOS must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.
1 rule found Severity: Medium
The application server must accept Personal Identity Verification (PIV) credentials to access the management interface.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Medium
The Central Log Server must be configured to accept the DoD CAC credential to support identity management and personal authentication.
1 rule found Severity: Medium
The container platform must be configured to use multi-factor authentication for user authentication.
1 rule found Severity: Medium
Dragos Platform must accept the DOD CAC or other PKI credential for identity management and personal authentication.
1 rule found Severity: Medium
1 rule found Severity: Medium
The VPN Gateway must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
1 rule found Severity: Medium
1 rule found Severity: Medium
2 rules found Severity: Medium
1 rule found Severity: Medium
Prisma Cloud Compute must be configured to require local user accounts to use x.509 multifactor authentication.
1 rule found Severity: Medium
The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials.
1 rule found Severity: Medium
The SUSE operating system must have the packages required for multifactor authentication to be installed.
2 rules found Severity: Medium
The SUSE operating system must implement certificate status checking for multifactor authentication.
2 rules found Severity: Medium
The SUSE operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).
2 rules found Severity: Medium
1 rule found Severity: Medium