UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Voice Video Endpoint used for videoconferencing must use multifactor authentication for network access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-66747 SRG-NET-000140-VVEP-00032 SV-81237r1_rule Medium
Description
To assure accountability and prevent unauthenticated access, users must utilize multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authentication uses two or more factors to achieve authentication. Factors include: (i) Something you know (e.g., password/PIN); (ii) Something you have (e.g., cryptographic identification device, token); or (iii) Something you are (e.g., biometric). Network access is any access to an application by a user (or process acting on behalf of a user) where said access is obtained through a network connection. The DoD CAC with DoD-approved PKI is an example of multifactor authentication. This does not apply to authentication for the purpose of configuring the device itself (i.e., device management).
STIG Date
Voice Video Endpoint Security Requirements Guide 2017-01-04

Details

Check Text ( C-67397r1_chk )
If the Voice Video Endpoint is not a hardware endpoint, this check procedure is Not Applicable.

Verify the Voice Video Endpoint used for videoconferencing uses multifactor authentication for network access. For hardware endpoints, the devices must use certificates to register with the session manager or multipoint controller.

If the Voice Video Endpoint used for videoconferencing does not use multifactor authentication for network access, this is a finding.
Fix Text (F-72847r1_fix)
Configure the Voice Video Endpoint used for videoconferencing to use multifactor authentication for network access.