The web server must require users to be individually authenticated before granting access to the shared accounts or resources.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-264342	SRG-APP-000815-WSR-000160	SV-264342r984371_rule		Medium

Description

Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.

STIG	Date
Web Server Security Requirements Guide	2025-02-12

Details

Check Text (C-68255r984369_chk)

Verify the web server is configured to require users to be individually authenticated before granting access to the shared accounts or resources.

If the web server is not configured to require users to be individually authenticated before granting access to the shared accounts or resources, this is a finding.

Fix Text (F-68163r984370_fix)

Configure the web server to require users to be individually authenticated before granting access to the shared accounts or resources.