STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services must be configured to require multifactor authentication using Common Access Card (CAC) Personal Identity Verification (PIV) credentials for authenticating non-privileged user accounts.

DISA Rule

SV-95605r1_rule

Vulnerability Number

V-80895

Group Title

SRG-APP-000150-AAA-000410

Rule Version

SRG-APP-000150-AAA-000410

Severity

CAT II

CCI(s)

CCI-000766 - The information system implements multifactor authentication for network access to non-privileged accounts.

Weight

Fix Recommendation

Configure AAA Services to require multifactor authentication using CAC PIV credentials for authenticating non-privileged user accounts.

Check Contents

Verify AAA Services are configured to require multifactor authentication using CAC PIV credentials for authenticating non-privileged user accounts.

If AAA Services are not configured to require multifactor authentication using CAC PIV credentials for authenticating non-privileged user accounts, this is a finding.

AAA Services must be configured to require multifactor authentication using Common Access Card (CAC) Personal Identity Verification (PIV) credentials for authenticating non-privileged user accounts.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments