Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Symantec ProxySG ALG Security Technical Implementation Guide
SRG-NET-000140-ALG-000094
SRG-NET-000140-ALG-000094
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-NET-000140-ALG-000094
1 Rule
<GroupDescription></GroupDescription>
Symantec ProxySG providing user authentication intermediary services must use multifactor authentication for network access to nonprivileged accounts.
Medium Severity
<VulnDiscussion>To assure accountability and prevent unauthenticated access, nonprivileged users must use multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authentication uses two or more factors to achieve authentication. Factors include: 1. Something you know (e.g., password/PIN) 2. Something you have (e.g., cryptographic, identification device, token) 3. Something you are (e.g., biometric) Nonprivileged accounts are not authorized access to the network element regardless of access method. Network access is any access to an application by a user (or process acting on behalf of a user) where the access is obtained through a network connection. Authenticating with a PKI credential and entering the associated PIN is an example of multifactor authentication.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>