STIGQter: STIG Summary: VMW vRealize Automation 7.x vAMI Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vAMI must use a site-defined, user management system to uniquely identify and authenticate users (or processes acting on behalf of organizational users).

DISA Rule

SV-100871r1_rule

Vulnerability Number

V-90221

Group Title

SRG-APP-000148-AS-000101

Rule Version

VRAU-VA-000195

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Consult the appropriate VMware technical guide to implement the site-specific enterprise user management system.

Check Contents

Interview the ISSO and/or the SA.

Determine the enterprise user management system being used to uniquely identify and authenticate users.

If the vAMI is not configured to use the enterprise user management system, this is a finding.

Vulnerability Number

V-90221

Documentable

False

Rule Version

VRAU-VA-000195

Severity Override Guidance

Interview the ISSO and/or the SA.

Determine the enterprise user management system being used to uniquely identify and authenticate users.

If the vAMI is not configured to use the enterprise user management system, this is a finding.

Check Content Reference

M

Target Key

3449

Comments