UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The container platform must be configured to use multi-factor authentication for user authentication.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233195 SRG-APP-000391-CTR-000935 SV-233195r879764_rule Medium
Description
Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be validated by the overall container platform or they may be validated by each component. To standardize and reduce the risks of unauthorized access, the use of multifactor token-based credentials is the preferred method. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.
STIG Date
Container Platform Security Requirements Guide 2023-06-05

Details

Check Text ( C-36131r601072_chk )
Review documentation and configuration to ensure the container platform is configured to use an approved DoD multifactor token (CAC) when accessing platform via user interfaces.

If multifactor authentication is not configured, this is a finding.
Fix Text (F-36099r601073_fix)
Configure the container platform to accept standard DoD multifactor token-based credentials when users interface with the platform.