Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000165-FW-NA | SRG-NET-000165-FW-NA | SRG-NET-000165-FW-NA_rule | Medium |
Description |
---|
The principle factor of PKI implementation is the private key used to encrypt or digitally sign information. If the private key is discovered, an attacker can use the key to authenticate as an authorized user and gain access to the network infrastructure. Enforcing access to private keys for PKI-based authentication is not a firewall function. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2012-12-10 |
Check Text ( C-SRG-NET-000165-FW-NA_chk ) |
---|
This requirement is NA for firewall. No fix required. |
Fix Text (F-SRG-NET-000165-FW-NA_fix) |
---|
This requirement is NA for firewall. No fix required. |