UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must enforce authorized access to the corresponding private key for PKI-based authentication.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000165-NDM-000122 SRG-NET-000165-NDM-000122 SRG-NET-000165-NDM-000122_rule Medium
Description
The principle factor of PKI implementation is the private key used to encrypt or digitally sign information. If the private key is discovered, an attacker can use the key to authenticate as an authorized user and gain access to the network infrastructure.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000165-NDM-000122_chk )
Verify the network device enforces authorized access to a corresponding private key for PKI-based authentication. If the network device does not enforce authorized access to a corresponding private key for PKI-based authentication, this is a finding.
Fix Text (F-SRG-NET-000165-NDM-000122_fix)
Configure the network device to enforce authorized access to the corresponding private key for PKI-based authentication.