STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must be configured to use multi-factor authentication for user authentication.

DISA Rule

SV-233195r599509_rule

Vulnerability Number

V-233195

Group Title

SRG-APP-000391

Rule Version

SRG-APP-000391-CTR-000935

Severity

CAT II

CCI(s)

• CCI-001953 - The information system accepts Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Configure the container platform to accept standard DoD multifactor token-based credentials when users interface with the platform.

Check Contents

Review documentation and configuration to ensure the container platform is configured to use an approved DoD multifactor token (CAC) when accessing platform via user interfaces.

If multifactor authentication is not configured, this is a finding.

Vulnerability Number

V-233195

Documentable

False

Rule Version

SRG-APP-000391-CTR-000935

Severity Override Guidance

Review documentation and configuration to ensure the container platform is configured to use an approved DoD multifactor token (CAC) when accessing platform via user interfaces.

If multifactor authentication is not configured, this is a finding.

Check Content Reference

M

Target Key

5239

Comments