STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

Two-factor authentication must be implemented to restrict access to all network elements.

DISA Rule

SV-15473r2_rule

Vulnerability Number

V-14723

Group Title

Two-factor authentication is not implemented

Rule Version

NET0445

Severity

CAT II

CCI(s)

• CCI-000765 - The information system implements multifactor authentication for network access to privileged accounts.

Weight

10

Fix Recommendation

The network administrator must ensure strong two-factor authentication is being incorporated in the access scheme.

Check Contents

Review all network element configurations to ensure that an authentication server is being used. Then verify that a two-factor authentication method has been implemented. The RADIUS or TACACS server referenced in the configurations will call a two-factor authentication server.

If two-factor authentication is not being used to access all network elements, this is a finding.

Vulnerability Number

V-14723

Documentable

False

Rule Version

NET0445

Severity Override Guidance

Review all network element configurations to ensure that an authentication server is being used. Then verify that a two-factor authentication method has been implemented. The RADIUS or TACACS server referenced in the configurations will call a two-factor authentication server.

If two-factor authentication is not being used to access all network elements, this is a finding.

Check Content Reference

M

Target Key

838

Comments