STIGQter: STIG Summary: Citrix Virtual Apps and Desktop 7.x Workspace App Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

Citrix Workspace must accept Personal Identity Verification (PIV) credentials.

DISA Rule

SV-234262r640183_rule

Vulnerability Number

V-234262

Group Title

SRG-APP-000391

Rule Version

CVAD-WS-000855

Severity

CAT II

CCI(s)

• CCI-001953 - The information system accepts Personal Identity Verification (PIV) credentials.
• CCI-001954 - The information system electronically verifies Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Set the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" to "Enabled" and check the "Allow smart card authentication" box.

If the environment leverages PIN pass-through, also check the "Use pass-through authentication for PIN" box.

Check Contents

Verify the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" is not set to "Disabled". For this setting, "Not Configured" is equivalent to "Enabled".

If the "Smart card authentication" policy is set to "Disabled", this is a finding.

Vulnerability Number

V-234262

Documentable

False

Rule Version

CVAD-WS-000855

Severity Override Guidance

Verify the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" is not set to "Disabled". For this setting, "Not Configured" is equivalent to "Enabled".

If the "Smart card authentication" policy is set to "Disabled", this is a finding.

Check Content Reference

M

Target Key

5268

Comments