Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-35413 | SRG-APP-000156-MAPP-NA | SV-46700r1_rule | Medium |
Description |
---|
An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Techniques used to address this include protocols using nonce's (e.g., numbers generated for a specific one time use) or challenges (e.g., TLS, WS_Security), and time synchronous or challenge-response one-time authenticators. Rationale for non-applicability: Mobile applications that support remote access are not within the scope of this SRG. |
STIG | Date |
---|---|
Mobile Application Security Requirements Guide | 2013-01-04 |
Check Text ( C-43765r1_chk ) |
---|
This requirement is NA for the MAPP SRG. |
Fix Text (F-39957r1_fix) |
---|
The requirement is NA. No fix is required. |