Documentation - V-222528

V-222528

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must use multifactor (e.g., CAC, Alt. Token) authentication for local access to nonprivileged accounts.

Description

<VulnDiscussion>To assure accountability, prevent unauthenticated access, and prevent misuse of the system, privileged users must utilize multifactor authentication (MFA) for local access. MFA is defined as using two or more factors to achieve authentication. Factors include: (i) Something a user knows (e.g., password/PIN); (ii) Something a user has (e.g., cryptographic identification device, token); or (iii) Something a user is (e.g., biometric). A nonprivileged account is defined as an info...

Fix Text (Documentation Requirement)

Configure the application to require CAC or Alt. Token authentication for nonprivileged network access.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel