Title

The container platform must be configured to use multi-factor authentication for user authentication. (Cat II impact)

Discussion

Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be validated by the overall container platform or they may be validated by each component. To standardize and reduce the risks of unauthorized access, the use of multifactor token-based credentials is the preferred method. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.

Check Content

Review documentation and configuration to ensure the container platform is configured to use an approved DoD multifactor token (CAC) when accessing platform via user interfaces. If multifactor authentication is not configured, this is a finding.

Fix Text

Configure the container platform to accept standard DoD multifactor token-based credentials when users interface with the platform.

Additional Identifiers

Rule ID: SV-233195r879764_rule

Vulnerability ID: V-233195

Group Title: SRG-APP-000391

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.