mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 06:54:57 +03:00
27 lines
1.2 KiB
Markdown
# Standards and References - MFA with Duo

## NIST Standards

- **NIST SP 800-63B**: Digital Identity Guidelines - Authentication and Lifecycle Management
  - AAL1: Single-factor authentication
  - AAL2: Multi-factor authentication (Duo Push, TOTP)
  - AAL3: Hardware-based phishing-resistant (FIDO2, PIV)
- **NIST SP 800-53 Rev 5**: IA-2, IA-2(1), IA-2(2), IA-2(6), IA-2(8), IA-3, IA-5

## Duo Documentation

- **Duo Authentication Proxy**: https://duo.com/docs/authproxy-reference
- **Duo for RDP**: https://duo.com/docs/rdp
- **Duo Unix (SSH)**: https://duo.com/docs/duounix
- **Duo Web SDK**: https://duo.com/docs/duoweb
- **Duo Verified Push**: https://duo.com/blog/webauthn-passwordless-fido2-explained-componens-passwordless-architecture
- **Duo Admin API**: https://duo.com/docs/adminapi

## CISA Guidance

- **CISA MFA Guidance**: Phishing-resistant MFA requirement for federal agencies
- **EO 14028**: Executive Order on Improving the Nation's Cybersecurity - MFA mandate

## Compliance

- **PCI DSS 4.0**: Requirement 8.3.1 - MFA for all access to CDE
- **HIPAA**: 45 CFR 164.312(d) - Person or entity authentication
- **SOX**: MFA for privileged financial system access
- **CMMC**: Level 2 - IA.L2-3.5.3 Multi-factor authentication