UCF STIG Viewer Logo

The application must use organization-defined replay-resistant authentication mechanisms for network access to non-privileged accounts.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26908 SRG-APP-000157 SV-34188r1_rule Medium
Description
An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Techniques used to address this include protocols using nonce's (e.g., numbers generated for a specific one time use) or challenges (e.g., TLS, WS_Security), and time synchronous or challenge-response one-time authenticators.
STIG Date
Application Security Requirements Guide 2011-12-28

Details

Check Text ( None )
None
Fix Text (None)
None