The container platform must be configured to use multi-factor authentication for user authentication.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-233195	SRG-APP-000391-CTR-000935	SV-233195r601074_rule		Medium

Description
Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be validated by the overall container platform or they may be validated by each component. To standardize and reduce the risks of unauthorized access, the use of multifactor token-based credentials is the preferred method. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.

Description

Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be validated by the overall container platform or they may be validated by each component. To standardize and reduce the risks of unauthorized access, the use of multifactor token-based credentials is the preferred method. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.

STIG	Date
Container Platform Security Requirements Guide	2021-12-14

Details

Check Text ( C-36131r601072_chk )
Review documentation and configuration to ensure the container platform is configured to use an approved DoD multifactor token (CAC) when accessing platform via user interfaces. If multifactor authentication is not configured, this is a finding.

Fix Text (F-36099r601073_fix)
Configure the container platform to accept standard DoD multifactor token-based credentials when users interface with the platform.