Skip to content
Log In

CCI-004058

For password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

The Cisco ISE must be configured to use an external authentication server to authenticate administrators prior to granting administrative access.

1 rule found Severity: Medium

Logo

The DNS server implementation must, for password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

1 rule found Severity: Medium

Logo

The ICS must be configured to prevent nonprivileged users from executing privileged functions.

1 rule found Severity: High

Logo

The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.

1 rule found Severity: High

Logo

The network device must be configured to maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency for password-based authentication.

1 rule found Severity: Medium

Logo

The TippingPoint SMS must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access and to enforce access restrictions.

1 rule found Severity: High

Logo

The web server must, for password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

1 rule found Severity: Medium

Logo

The Central Log Server must for password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

1 rule found Severity: Medium

Logo

The container platform must for password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

1 rule found Severity: Medium

Logo

The DBMS must, for password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

1 rule found Severity: Medium

Logo

Forescout must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.

1 rule found Severity: Medium

Logo

The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access.

1 rule found Severity: Medium

Logo

The Mainframe Product must, for password-based authentication, maintain a list of commonly used, expected, or compromised passwords on an organization-defined frequency.

1 rule found Severity: Medium

Logo