The container platform must use multifactor authentication for local access to privileged accounts.

An XCCDF Rule