💼 8.10 Ensure only MFA enabled identities can access privileged Virtual Machine (Manual)

ID: /frameworks/cis-azure-v3.0.0/08/10

Description

Verify identities without MFA that can log in to a privileged virtual machine using separate login credentials. An adversary can leverage the access to move laterally and perform actions with the virtual machine's managed identity. Make sure the virtual machine only has necessary permissions, and revoke the admin-level permissions according to the least privileges principal

Similar

Sections
- /frameworks/cis-azure-v2.1.0/07/08
- /frameworks/cis-azure-v4.0.0/04/01/01

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS Azure v2.1.0 → 💼 7.8 Ensure only MFA enabled identities can access privileged Virtual Machine - Level 2 (Automated)			1		no data
💼 CIS Azure v4.0.0 → 💼 4.1.1 Ensure only MFA enabled identities can access privileged Virtual Machine (Manual)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS Azure v2.1.0 → 💼 7.8 Ensure only MFA enabled identities can access privileged Virtual Machine - Level 2 (Automated)			1		no data
💼 CIS Azure v4.0.0 → 💼 4.1.1 Ensure only MFA enabled identities can access privileged Virtual Machine (Manual)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ Privileged Azure Virtual Machine is accessed by identities without MFA🟢⚪		🟢 x2, ⚪ x1	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​