The UEM server, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

An XCCDF Rule

Details
Profiles

Description

Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked certificates).

ID: SV-234544r985774_rule
Version: SRG-APP-000401-UEM-000272
Severity: Medium
References: CCI-004068
Updated: about 2 months ago

Remediation Templates

Configure the UEM server to implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network for PKI-based authentication.

The UEM server, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

Description

Remediation Templates

A Manual Procedure