STIGQter: STIG Summary: ISEC7 Sphere Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

When using PKI-based authentication for user access, the ISEC7 EMM Suite must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.

DISA Rule

SV-224768r505933_rule

Vulnerability Number

V-224768

Group Title

SRG-APP-000175

Rule Version

ISEC-06-000780

Severity

CAT II

CCI(s)

• CCI-000185 - The information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information.

Weight

10

Fix Recommendation

Login to the server(s) hosting the ISEC7 EMM Suite application.
Open the Microsoft Management Console and add the Local Computer Certificates snap-in.
Open the Trusted Root Certification Authorities >> Certificates.
Install the DoD Root PKI Certificates Authorities to the server.

Check Contents

Login to the server(s) hosting the ISEC7 EMM Suite application.
Open the Microsoft Management Console and add the Local Computer Certificates snap-in.
Open the Trusted Root Certification Authorities >> Certificates.
Verify the DoD Root PKI Certificates Authorities have been added to the server.

If the DoD Root PKI Certificates Authorities have not been added to the server, this is a finding.

Vulnerability Number

V-224768

Documentable

False

Rule Version

ISEC-06-000780

Severity Override Guidance

Login to the server(s) hosting the ISEC7 EMM Suite application.
Open the Microsoft Management Console and add the Local Computer Certificates snap-in.
Open the Trusted Root Certification Authorities >> Certificates.
Verify the DoD Root PKI Certificates Authorities have been added to the server.

If the DoD Root PKI Certificates Authorities have not been added to the server, this is a finding.

Check Content Reference

M

Target Key

4200

Comments