STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

For site-to-site VPN Gateway must store only cryptographic representations of Pre-shared Keys (PSKs).

DISA Rule

SV-207256r608988_rule

Vulnerability Number

V-207256

Group Title

SRG-NET-000522

Rule Version

SRG-NET-000522-VPN-002320

Severity

CAT II

CCI(s)

CCI-000196 - The information system, for password-based authentication, stores only cryptographically-protected passwords.

Weight

Fix Recommendation

Configure the VPN Gateway to store only cryptographic representations of the PSK.

Check Contents

Verify the VPN Gateway stores only cryptographic representations of the PSK.

If the VPN Gateway does not store only cryptographic representations of the PSK, this is a finding.

Vulnerability Number

V-207256

Documentable

False

Rule Version

SRG-NET-000522-VPN-002320

Severity Override Guidance

Verify the VPN Gateway stores only cryptographic representations of the PSK.

If the VPN Gateway does not store only cryptographic representations of the PSK, this is a finding.

Check Content Reference

Target Key

2920

For site-to-site VPN Gateway must store only cryptographic representations of Pre-shared Keys (PSKs).

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments