STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system, if capable, must be configured to require the use of a CAC, PIV compliant hardware token, or Alternate Logon Token (ALT) for authentication.

DISA Rule

SV-227988r603266_rule

Vulnerability Number

V-227988

Group Title

SRG-OS-000108

Rule Version

GEN009120

Severity

CAT II

CCI(s)

• CCI-000768 - The information system implements multifactor authentication for local access to non-privileged accounts.

Weight

10

Fix Recommendation

Consult vendor documentation to determine the procedures necessary for configuring CAC authentication. Configure all accounts required by policy to use CAC authentication.

Check Contents

Consult vendor documentation to determine if the system is capable of CAC authentication. If it is not, this is not applicable.

Interview the SA to determine if all accounts not exempted by policy are using CAC authentication. If non-exempt accounts are not using CAC authentication, this is a finding.

Vulnerability Number

V-227988

Documentable

False

Rule Version

GEN009120

Severity Override Guidance

Consult vendor documentation to determine if the system is capable of CAC authentication. If it is not, this is not applicable.

Interview the SA to determine if all accounts not exempted by policy are using CAC authentication. If non-exempt accounts are not using CAC authentication, this is a finding.

Check Content Reference

M

Target Key

4061

Comments