STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Virtual Machine Manager Security Requirements Guide

V-264322

CAT II (Medium)

The VMM must accept only external credentials that are NIST-compliant.

Rule ID

SV-264322r984281_rule

STIG

Virtual Machine Manager Security Requirements Guide

Version

V2R3

CCIs

CCI-004083

Discussion

Acceptance of only NIST-compliant external authenticators applies to organizational systems that are accessible to the public (e.g., public-facing websites). External authenticators are issued by nonfederal government entities and are compliant with [SP 800-63B]. Approved external authenticators meet or exceed the minimum federal government-wide technical, security, privacy, and organizational maturity requirements. Meeting or exceeding federal requirements allows federal government relying parties to trust external authenticators in connection with an authentication transaction at a specified authenticator assurance level.

Check Content

Verify the VMM is configured to accept only external credentials that are NIST-compliant.

If the VMM is not configured to accept only external credentials that are NIST-compliant, this is a finding.

Fix Text

Configure the VMM to accept only external credentials that are NIST-compliant.