Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35600 | SRG-APP-000160-AS-NA | SV-46887r1_rule | Medium |
Description |
---|
Device authentication requires unique identification and authentication that may be defined by type, by specific device, or by a combination of type and device, as deemed appropriate by the organization. The required strength of the device authentication mechanism is determined by the security categorization of the information system. Bidirectional authentication provides a means for both connecting parties to mutually authenticate one another and cryptographic authentication provides a secure means of authenticating without the use of clear text passwords. This requirement is intended to address devices that manage or allow wireless devices to connect to the network. This does not apply to an AS. |
STIG | Date |
---|---|
Application Server Security Requirements Guide | 2013-01-08 |
Check Text ( C-43943r1_chk ) |
---|
This requirement is NA for the AS SRG. |
Fix Text (F-40141r1_fix) |
---|
The requirement is NA. No fix is required. |