Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The operating system must use multifactor authentication for network access to privileged accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-OS-000105-ESXI5-PF | SRG-OS-000105-ESXI5-PF | SRG-OS-000105-ESXI5-PF_rule | Medium |
| Description |
|---|
| Multifactor authentication is defined as using two or more factors to achieve authentication. Factors include:(i) something you know (e.g., password/PIN);(ii) something you have (e.g., cryptographic identification device, or token); or(iii) something you are (e.g., biometric). A privileged account is defined as an operating system account with authorizations of a privileged user. Network access is defined as access to an operating system by a user (or a process acting on behalf of a user) communicating through a network. Permanent finding - ESXi v5 does not support this multifactor authentication requirement. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-SRG-OS-000105-ESXI5-PF_chk ) |
|---|
| ESXi does not support this requirement. This is a permanent finding. |
| Fix Text (F-SRG-OS-000105-ESXI5-PF_fix) |
|---|
| This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented but this finding cannot be considered fixed. |