Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The operating system must use multifactor authentication for local access to non-privileged accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-OS-000108-ESXI5-PNF | SRG-OS-000108-ESXI5-PNF | SRG-OS-000108-ESXI5-PNF_rule | Medium |
| Description |
|---|
| Multifactor authentication is defined as using two or more factors to achieve authentication. Factors include: (i) something you know (e.g., password/PIN); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric). A non-privileged account is defined as an operating system account with authorizations of a regular or non-privileged user. Local access is defined as access to an organizational information system by a user (or process acting on behalf of a user) communicating through a direct connection without the use of a network. Not applicable - Not a General Purpose (GP) OS. No non-privileged accounts. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-SRG-OS-000108-ESXI5-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-SRG-OS-000108-ESXI5-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |