The application server must use multifactor authentication for network access to non-privileged accounts.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35595	SRG-APP-000150-AS-NA	SV-46882r1_rule		Medium

Description
Multifactor authentication is defined as using two or more factors to achieve authentication. Rationale for non-applicability: All accounts on the AS are privileged in some manner. The AS is only accessed by authorized administrators with full control over all functionality and by other authorized administrators serving in roles used to manage specific functionality of the server. Non-privileged accounts will not be present.

Description

Multifactor authentication is defined as using two or more factors to achieve authentication. Rationale for non-applicability: All accounts on the AS are privileged in some manner. The AS is only accessed by authorized administrators with full control over all functionality and by other authorized administrators serving in roles used to manage specific functionality of the server. Non-privileged accounts will not be present.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-43937r1_chk )
This requirement is NA for the AS SRG.

Fix Text (F-40136r1_fix)
This requirement is NA. No fix is required.