STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must accept the Common Access Card (CAC) credential.

DISA Rule

SV-207239r608988_rule

Vulnerability Number

V-207239

Group Title

SRG-NET-000341

Rule Version

SRG-NET-000341-VPN-001350

Severity

CAT II

CCI(s)

• CCI-001953 - The information system accepts Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Configure the VPN Gateway to accept the CAC credential.

Check Contents

Verify the VPN Gateway accepts PIV credentials.

If the VPN Gateway does not accept the CAC credential, this is a finding.

Vulnerability Number

V-207239

Documentable

False

Rule Version

SRG-NET-000341-VPN-001350

Severity Override Guidance

Verify the VPN Gateway accepts PIV credentials.

If the VPN Gateway does not accept the CAC credential, this is a finding.

Check Content Reference

M

Target Key

2920

Comments