STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services must be configured to uniquely identify and authenticate organizational users.

DISA Rule

SV-95601r1_rule

Vulnerability Number

V-80891

Group Title

SRG-APP-000148-AAA-000390

Rule Version

SRG-APP-000148-AAA-000390

Severity

CAT I

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure AAA Services to uniquely identify and authenticate organizational users.

Check Contents

Verify AAA Services are configured to uniquely identify and authenticate organizational users. For STIGs produced from this requirement, when AAA Services are used to authenticate processes acting on behalf of organizational users, they also must be uniquely identified and authenticated.

If AAA Services are not configured to uniquely identify and authenticate organizational users, this is a finding.

Vulnerability Number

V-80891

Documentable

False

Rule Version

SRG-APP-000148-AAA-000390

Severity Override Guidance

Verify AAA Services are configured to uniquely identify and authenticate organizational users. For STIGs produced from this requirement, when AAA Services are used to authenticate processes acting on behalf of organizational users, they also must be uniquely identified and authenticated.

If AAA Services are not configured to uniquely identify and authenticate organizational users, this is a finding.

Check Content Reference

M

Target Key

3357

Comments