STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG providing PKI-based user authentication intermediary services must map authenticated identities to the user account.

DISA Rule

SV-68779r1_rule

Vulnerability Number

V-54533

Group Title

SRG-NET-000166-ALG-000101

Rule Version

SRG-NET-000166-ALG-000101

Severity

CAT II

CCI(s)

• CCI-000187 - The information system, for PKI-based authentication, maps the authenticated identity to the account of the individual or group.

Weight

10

Fix Recommendation

If PKI-based user authentication intermediary services are provided, configure the ALG to map the authenticated identities to the user account.

Check Contents

If the ALG does not provide PKI-based user authentication intermediary services, this is not applicable.

Verify the ALG maps the authenticated identity to the user account for PKI-based authentication.

If the ALG does not map the authenticated identity to the user account for PKI-based authentication, this is a finding.

Vulnerability Number

V-54533

Documentable

False

Rule Version

SRG-NET-000166-ALG-000101

Severity Override Guidance

If the ALG does not provide PKI-based user authentication intermediary services, this is not applicable.

Verify the ALG maps the authenticated identity to the user account for PKI-based authentication.

If the ALG does not map the authenticated identity to the user account for PKI-based authentication, this is a finding.

Check Content Reference

M

Target Key

2489

Comments