V-243443
Microsoft Windows PAW Security Technical Implementation Guide
Title
Site IT resources designated as high value by the Authorizing Official (AO) must be remotely managed only via a Windows privileged access workstation (PAW).
Description
The AO must designate which IT resources are high value. The list must include the following IT resources:
- Directory service (including Active Directory)
- Cloud service
- Identity management service
- Privileged access management service
- Credential management service
- Security management service (anti-virus, network monitoring/scanning, IDS/IPS, etc.)
- Any sensitive business/mission service
- Any other IT resource designated as high value by the AO

Note: A high-value IT ...
Fix Text (Documentation Requirement)
The Information System Security Manager (ISSM) or other site personnel will assist the Authorizing Official (AO) in designating and documenting which IT resources in the organization are high value. The organization's list of high-value IT resources will include the following:
- Active Directory
- Cloud service
- Identity management service
- Privileged access management service
- Credential management service
- Security management service (anti-virus, network monitoring/scanning, IDS/IPS, etc.)
- Any sensitive business service
- Any other IT resource designated as high value by the AO

Set up procedures to ensure a Windows PAW is used to remotely manage each of these types of IT resources.