STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215436

CAT II (Medium)

The AIX operating system must use Multi Factor Authentication.

Rule ID

SV-215436r1009557_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-000765CCI-000766CCI-004046CCI-000767CCI-000768CCI-001948

Discussion

To assure accountability and prevent unauthenticated access, privileged and non-privileged users must utilize multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authentication uses two or more factors to achieve authentication. Factors include: 1. Something you know (e.g., password/PIN); 2. Something you have (e.g., cryptographic identification device, token); and 3. Something you are (e.g., biometric). The DoD CAC with DoD-approved PKI is an example of multifactor authentication. Satisfies: SRG-OS-000105-GPOS-00052, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPOS-00054, SRG-OS-000108-GPOS-00055, SRG-OS-000375-GPOS-00160

Check Content

Verify that all required packages are installed:

# lslpp -l |grep -i powerscmfa

  powerscMFA.license        1.2.0.1  COMMITTED  PowerSC MFA license files
  powerscMFA.pam.base        1.2.0.1 COMMITTED  PowerSC MFA standard inband
  powerscMFA.pam.fallback    1.2.0.1 COMMITTED  PowerSC MFA Password fallback
  powerscMFA.pam.pmfamapper  1.2.0.1  COMMITTED USB Smartcard Interface to
  powerscMFA.pam.usbsmartcard

If any of the above packages are not installed, this is a finding.

Fix Text

Install the IBM PowerSC MFA product.