STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must electronically verify Personal Identity Verification (PIV) credentials for access to the management interface.

DISA Rule

SV-204801r508029_rule

Vulnerability Number

V-204801

Group Title

SRG-APP-000392

Rule Version

SRG-APP-000392-AS-000240

Severity

CAT II

CCI(s)

• CCI-001954 - The information system electronically verifies Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Configure the application server to electronically verify PIV credentials to access the management interface.

Check Contents

Review application server documentation and configuration to ensure the application server electronically verifies PIV credentials to the management interface.

If PIV credentials are not electronically verified, this is a finding.

Vulnerability Number

V-204801

Documentable

False

Rule Version

SRG-APP-000392-AS-000240

Severity Override Guidance

Review application server documentation and configuration to ensure the application server electronically verifies PIV credentials to the management interface.

If PIV credentials are not electronically verified, this is a finding.

Check Content Reference

M

Target Key

2900

Comments