STIGQter: STIG Summary: Central Log Server Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

For accounts using password authentication, the Central Log Server must use FIPS-validated SHA-1 or later protocol to protect the integrity of the password authentication process.

DISA Rule

SV-95999r1_rule

Vulnerability Number

V-81285

Group Title

SRG-APP-000172-AU-002550

Rule Version

SRG-APP-000172-AU-002550

Severity

CAT I

CCI(s)

• CCI-000197 - The information system, for password-based authentication, transmits only cryptographically-protected passwords.

Weight

10

Fix Recommendation

Configure the Central Log Server to use FIPS-validated SHA-1 or later protocol to protect the integrity of the password authentication process.

Check Contents

Examine the configuration.

Verify the Central Log Server is configured to use FIPS-validated SHA-1 or later protocol to protect the integrity of the password authentication process.

If the Central Log Server is not configured to use FIPS-validated SHA-1 or later protocol to protect the integrity of the password authentication process, this is a finding.

Vulnerability Number

V-81285

Documentable

False

Rule Version

SRG-APP-000172-AU-002550

Severity Override Guidance

Examine the configuration.

Verify the Central Log Server is configured to use FIPS-validated SHA-1 or later protocol to protect the integrity of the password authentication process.

If the Central Log Server is not configured to use FIPS-validated SHA-1 or later protocol to protect the integrity of the password authentication process, this is a finding.

Check Content Reference

M

Target Key

3395

Comments