Documentation - V-243494

V-243494

Active Directory Domain Security Technical Implementation Guide

CAT III

Title

Each cross-directory authentication configuration must be documented.

Description

<VulnDiscussion>Active Directory (AD) external, forest, and realm trust configurations are designed to extend resource access to a wider range of users (those in other directories). If specific baseline documentation of authorized AD external, forest, and realm trust configurations is not maintained, it is impossible to determine if the configurations are consistent with the intended security policy.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable...

Fix Text (Documentation Requirement)

Develop documentation for each AD external, forest, and realm trust configuration. At a minimum this must include: Type (external, forest, or realm) Name of the other party Confidentiality, Availability, and Integrity categorization Classification level of the other party Trust direction (inbound and/or outbound) Transitivity Status of the Selective Authentication option Status of the SID filtering option

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel