From Voice Video Endpoint Security Requirements Guide
Part of SRG-NET-000147-VVEP-00015
Associated with: CCI-001942
A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be vulnerable to a replay attack. An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Voice video endpoints often use passwords or PINs that can be easily exploited.
Verify the Voice Video Endpoint implements replay-resistant authentication mechanisms for network access. If the Voice Video Endpoint does not implement replay-resistant authentication mechanisms for network access, this is a finding.
Configure the Voice Video Endpoint to implement replay-resistant authentication mechanisms for network access.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer