Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-7992 | DSN18.07 | SV-8478r1_rule | ECSC-1 | Medium |
Description |
---|
Requirement: The IAO will ensure that identification and authentication is required for every session requested in accordance with I&A / password policy. Authentication is a measure used to verify the eligibility of a subject and the ability of that subject to access certain information. Authentication protects against the fraudulent use of a system or the deceptive transmission of information. All users must be authenticated prior to every authorized session allowing system access. This is necessary to ensure that no unauthorized sessions are granted. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2015-06-30 |
Check Text ( C-7373r1_chk ) |
---|
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable. |
Fix Text (F-7567r1_fix) |
---|
Ensure that all interfaces to the DSN component require authentication before a session is granted. |