Free DISA STIG and SRG Library | Vaulted

V-56815

The operating system must accept Personal Identity Verification (PIV) credentials.

Finding ID
SRG-OS-000376-GPOS-00161
Rule ID
SV-71075r1_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-OS-000376-GPOS-00161
CCI
CCI-001953
Target Key
(None)
Documentable
No
Discussion

The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a primary component of layered protection for national security systems.

Fix Text

Configure the operating system to accept Personal Identity Verification (PIV) credentials.

Check Content

Verify the operating system accepts Personal Identity Verification (PIV) credentials. If it does not, this is a finding.