STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services must be configured to enforce authorized access to the corresponding private key for PKI-based authentication.

DISA Rule

SV-95639r1_rule

Vulnerability Number

V-80929

Group Title

SRG-APP-000176-AAA-000590

Rule Version

SRG-APP-000176-AAA-000590

Severity

CAT II

CCI(s)

• CCI-000186 - The information system, for PKI-based authentication, enforces authorized access to the corresponding private key.

Weight

10

Fix Recommendation

Configure AAA Services to enforce authorized access to the corresponding private key for PKI-based authentication.

Check Contents

Verify AAA Services are configured to enforce authorized access to the corresponding private key for PKI-based authentication.

If AAA Services are not configured to enforce authorized access to the corresponding private key, this is a finding.

Vulnerability Number

V-80929

Documentable

False

Rule Version

SRG-APP-000176-AAA-000590

Severity Override Guidance

Verify AAA Services are configured to enforce authorized access to the corresponding private key for PKI-based authentication.

If AAA Services are not configured to enforce authorized access to the corresponding private key, this is a finding.

Check Content Reference

M

Target Key

3357

Comments