Title

The VMM must accept Personal Identity Verification (PIV) credentials. (Cat II impact)

Discussion

The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under Homeland Security Presidential Directive (HSPD) 12 and as a primary component of layered protection for national security systems.

Check Content

Verify the VMM accepts Personal Identity Verification (PIV) credentials. If it does not, this is a finding.

Fix Text

Configure the VMM to accept Personal Identity Verification (PIV) credentials.

Additional Identifiers

Rule ID: SV-207481r958816_rule

Vulnerability ID: V-207481

Group Title: SRG-OS-000376

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.