Free DISA STIG and SRG Library | Vaulted

V-56813

The operating system must electronically verify Personal Identity Verification (PIV) credentials.

Finding ID
SRG-OS-000377-GPOS-00162
Rule ID
SV-71073r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-OS-000377-GPOS-00162
CCI
CCI-001954
Target Key
(None)
Documentable
No
Discussion

The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a primary component of layered protection for national security systems.

Fix Text

Configure the operating system to electronically verify Personal Identity Verification (PIV) credentials.

Check Content

Verify the operating system electronically verifies Personal Identity Verification (PIV) credentials. If it does not, this is a finding.