The option to use two-factor authentication when accessing remote access ports is not being used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-7995 | DSN18.10 | SV-8481r1_rule | ECSC-1 | unknown |
| Description |
|---|
| Requirement: The IAO will ensure that remote access ports require two-factor authentication. This is defined as requiring something along the lines of a token in addition to a User ID and password combination. The use of two-factor authentication will help prevent unauthorized persons from accessing the DSN component. |
| STIG | Date |
|---|---|
| Defense Switched Network STIG | 2015-01-02 |
Details
| Check Text ( C-7376r1_chk ) |
|---|
| Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. |
| Fix Text (F-7570r1_fix) |
|---|
| Ensure policies and configurations are in place for remote access ports to require two-factor authentication. |