UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

AAA Services must be configured to prevent automatically removing emergency accounts.


Overview

Finding ID Version Rule ID IA Controls Severity
V-80823 SRG-APP-000234-AAA-000060 SV-95533r1_rule Medium
Description
Emergency accounts are administrator accounts that are established in response to crisis situations where the need for rapid account activation is required. Therefore, emergency account activation may bypass normal account authorization processes. If these accounts are automatically disabled, system maintenance during emergencies may not be possible, thus adversely affecting system availability. Emergency accounts are different from infrequently used accounts (i.e., local logon accounts used by system administrators when network or normal logon/access is not available). Infrequently used accounts also remain available and are not subject to automatic termination dates. However, an emergency account is normally a different account that is created for use by vendors or system maintainers, that is removed once the crisis has passed. When AAA Services do not perform account management, the connected Active Directory must provide this setting
STIG Date
Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide 2018-10-01

Details

Check Text ( C-80559r3_chk )
If AAA Services rely on directory services for user account management, this is not applicable and the connected directory services must perform this function.

Verify AAA Services are configured to not automatically remove emergency accounts. Emergency accounts must not have automatic termination set.

If AAA Services are configured to automatically remove emergency accounts, this is a finding.
Fix Text (F-87677r3_fix)
Configure AAA Services to not automatically remove emergency accounts. Emergency accounts must not have automatic termination set.