Documentation - V-222525

V-222525

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must electronically verify Personal Identity Verification (PIV) credentials.

Description

<VulnDiscussion>The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems. If the application does not verify the credentials provided, user authentication cannot be established which places the integrity and confidentiality of the application...

Fix Text (Documentation Requirement)

Configure the application to require CAC authentication.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel