STIGQter: STIG Summary: Citrix XenDesktop 7.x Receiver Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:

Citrix Receiver must accept Personal Identity Verification (PIV) credentials.

DISA Rule

SV-96143r1_rule

Vulnerability Number

V-81429

Group Title

SRG-APP-000391

Rule Version

CXEN-RE-000855

Severity

CAT II

CCI(s)

• CCI-001953 - The information system accepts Personal Identity Verification (PIV) credentials.
• CCI-001954 - The information system electronically verifies Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Set the policy value for Administrative Templates >> Classic Administrative Templates (ADM) >> Citrix Components >> Citrix Receiver >> User authentication >> Local user name and password to "Enabled" and select the option "Enable pass-through authentication".

Check Contents

Verify the policy value for Administrative Templates >> Classic Administrative Templates (ADM) >> Citrix Components >> Citrix Receiver >> User authentication >> "Local user name and password" is set to "Enabled" with the option "Enable pass-through authentication" checked.

If the "Local user name and password" policy is not "Enabled" or does not have the "Enable pass-through authentication" option checked, this is a finding.

Vulnerability Number

V-81429

Documentable

False

Rule Version

CXEN-RE-000855

Severity Override Guidance

Verify the policy value for Administrative Templates >> Classic Administrative Templates (ADM) >> Citrix Components >> Citrix Receiver >> User authentication >> "Local user name and password" is set to "Enabled" with the option "Enable pass-through authentication" checked.

If the "Local user name and password" policy is not "Enabled" or does not have the "Enable pass-through authentication" option checked, this is a finding.

Check Content Reference

M

Target Key

3289

Comments