| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-263608 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must implement multifactor authentication... | - | |||
Check TextVerify the DBMS is configured to implement multifactor authentication for local; network; and/or remote access to privileged accounts; and/or nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access. If the DBMS is not configured to implement multifactor authentication for local; network; and/or remote access to privileged accounts; and/or nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access, this is a finding. Fix TextConfigure the DBMS to implement multifactor authentication for local; network; and/or remote access to privileged accounts; and/or nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access. CommentsThe database server can only be accessed by a privileged user who creates an Afloat Operations Service Desk ticket. Once the Afloat Operations Service Desk confirms the privileged user has the proper credentials, a domain admin account is created for the user and is valid for 14 days. The accounts within the database are a separate directory service then the Active Directory Services used to access the database server or workstation.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||