Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Enterprise Voice, Video, and Messaging Endpoint must use multifactor authentication for network access to nonprivileged (nonadmin) accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-259965 | SRG-NET-000140-VVEP-00010 | SV-259965r956067_rule | Medium |
| Description |
|---|
| To ensure accountability and prevent unauthenticated access, nonprivileged users must use multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authentication is implemented most often with software type endpoints, as this can be implemented at the operating system level. More recent advances in hardware may allow implementation at the hardware endpoint. Multifactor authentication uses two or more factors to achieve authentication. Factors include: (i) Something you know (e.g., password/PIN); (ii) Something you have (e.g., cryptographic identification device, token); or (iii) Something you are (e.g., biometric). The DOD CAC with DOD-approved PKI is an example of multifactor authentication. |
| STIG | Date |
|---|---|
| Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide | 2024-03-06 |
Details
| Check Text ( C-63696r956066_chk ) |
|---|
| Verify the Enterprise Voice, Video, and Messaging Endpoint uses multifactor authentication for network access to nonprivileged (nonadmin) accounts. If the Enterprise Voice, Video, and Messaging Endpoint does not use multifactor authentication for network access to nonprivileged (nonadmin) accounts, this is a finding. |
| Fix Text (F-63603r956067_fix) |
|---|
| Configure the Enterprise Voice, Video, and Messaging Endpoint to use multifactor authentication for network access to nonprivileged (nonadmin) accounts. |