The operating system must protect non-local maintenance sessions through the use of a strong authenticator tightly bound to the user.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-28843 | SRG-OS-000128 | SV-36833r1_rule | Medium |
| Description |
|---|
| Non-local maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the Internet) or an internal network. Identification and authentication techniques used in the establishment of non-local maintenance and diagnostic sessions must be accomplished via strong authenticator (i.e., two factor authentication). |
| STIG | Date |
|---|---|
| Operating System Security Requirements Guide | 2013-03-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |