Forescout must disable the Request Customer Verification setting.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
low	V-230960	SRG-APP-000142-NDM-000245	FORE-NM-000340	SV-230960r960966_rule	2024-09-10	2

Description
To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable unused or unnecessary physical and logical ports/protocols on information systems. This option connects to a user verification server at Forescout infrastructure used for verification of customer profiles and must not be used in DoD. If accidentally checked, this must error out.

Description

To prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable unused or unnecessary physical and logical ports/protocols on information systems. This option connects to a user verification server at Forescout infrastructure used for verification of customer profiles and must not be used in DoD. If accidentally checked, this must error out.

ℹ️ Check
In the Password and Sessions login options, ensure "request customer verification" is not enabled. 1. Log on to the Forescout Administrator UI. 2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions. 3. Ensure the option for "request customer verification" is unchecked. If the Request Customer Verification setting is enabled, this is a finding.

✔️ Fix
In the Password and Sessions login options, disable the "request customer verification" option. 1. Log on to the Forescout Administrator UI. 2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions. 3. Ensure the option for "request customer verification" is unchecked.