Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-34633 | SRG-NET-000139-IDPS-00103 | SV-45508r1_rule | | Medium |
Description |
---|
Multifactor authentication uses two or more factors to achieve authentication. Factors include: (i) something you know (e.g., password/PIN); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric). A privileged account is defined as an information system account with the authorizations of a privileged user. Network access is defined as access to an information system by a user (or a process acting on behalf of a user) communicating through a network (e.g., local area network, wide area network, Internet). Multifactor authentication provides strong protection for authentication mechanisms. Without a strong authentication method, the system is more easily breached by standard access control attacks. |
STIG | Date |
---|---|
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide | 2012-11-19 |
Check Text (C-42857r1_chk) |
---|
If authentication functionality is provided by the underlying platform's account management system or by a network authentication server rather than the IDPS application itself, this is not a finding. Verify that the configuration for the management console and sensors requires access through a DoD-approved multifactor authentication mechanism (e.g., PKI, SecurID, or DoD Alternate Token). If multifactor authentication is not used for network access to privileged accounts, this is a finding. |
Fix Text (F-38905r1_fix) |
---|
Configure all accounts accessing the IDPS to use multifactor authentication (e.g., PKI, SecurID, or DoD Alternate Token). |