STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services used for 802.1x must be configured to use secure Extensible Authentication Protocol (EAP), such as EAP-TLS, EAP-TTLS, and PEAP.

DISA Rule

SV-95611r1_rule

Vulnerability Number

V-80901

Group Title

SRG-APP-000516-AAA-000440

Rule Version

SRG-APP-000516-AAA-000440

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure AAA Services used for 802.1x to use secure EAP, such as EAP-TLS, EAP-TTLS, and PEAP.

Check Contents

Verify AAA Services used for 802.1x are configured to use secure EAP. Currently acceptable secure protocols are EAP-TLS, EAP-TTLS, and PEAP.

If AAA Services used for 802.1x are not configured to use secure EAP, this is a finding.

Vulnerability Number

V-80901

Documentable

False

Rule Version

SRG-APP-000516-AAA-000440

Severity Override Guidance

Verify AAA Services used for 802.1x are configured to use secure EAP. Currently acceptable secure protocols are EAP-TLS, EAP-TTLS, and PEAP.

If AAA Services used for 802.1x are not configured to use secure EAP, this is a finding.

Check Content Reference

M

Target Key

3357

Comments