UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The designer will ensure the application installs with unnecessary accounts disabled, or deleted, by default.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16799 APP3370 SV-17799r1_rule IAIA-1 Medium
Description
Unnecessary accounts should be disabled to limit the number of entry points for attackers to gain access to the system. Removing unnecessary accounts also limits the number of users and passwords the system administrator must maintain.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-17795r1_chk )
Ask the application representative what system accounts are installed/created and/or enabled by default upon installation of the application.

1) If the application installs/creates/enables accounts that are not needed in order for the application to operate, it is a finding.
Fix Text (F-17028r1_fix)
Remove or disable unneeded accounts.