Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The VMM must accept only external credentials that are NIST-compliant.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-264322 | SRG-OS-000745-VMM-000210 | SV-264322r984281_rule | Medium |
| Description |
|---|
| Acceptance of only NIST-compliant external authenticators applies to organizational systems that are accessible to the public (e.g., public-facing websites). External authenticators are issued by nonfederal government entities and are compliant with [SP 800-63B]. Approved external authenticators meet or exceed the minimum federal government-wide technical, security, privacy, and organizational maturity requirements. Meeting or exceeding federal requirements allows federal government relying parties to trust external authenticators in connection with an authentication transaction at a specified authenticator assurance level. |
| STIG | Date |
|---|---|
| Virtual Machine Manager Security Requirements Guide | 2024-05-28 |
Details
| Check Text ( C-68235r984279_chk ) |
|---|
| Verify the VMM is configured to accept only external credentials that are NIST-compliant. If the VMM is not configured to accept only external credentials that are NIST-compliant, this is a finding. |
| Fix Text (F-68143r984280_fix) |
|---|
| Configure the VMM to accept only external credentials that are NIST-compliant. |