Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
IT Policy rule “Keystore Password Maximum Timeout” (Security policy group) must be set as required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19723 | WIR1450-08 | SV-21864r2_rule | ECSC-1 | Low |
| Description |
|---|
| Encryption keys and certificates stored in the keystore may be exposed to compromise if the keystore is not locked after a set period of inactivity. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server (version 5.x), Part 3 Security Technical Implementation Guide | 2013-06-21 |
Details
| Check Text ( C-24160r2_chk ) |
|---|
| Detailed Policy Requirements: A timeout must be set up for the BlackBerry keystore password of 60 or less. 15 is recommended. *****For this check, set IT Policy rule “Keystore Password Maximum Timeout” (Security policy group) to 60 or less. 15 is recommended. Check Procedures: This is a BES IT Policy check. Recommend all checks related to BES IT policies be reviewed using the procedure in Check WIR1400-01 (V0003545). *****Verify IT Policy rule “Keystore Password Maximum Timeout” (Security policy group) is set as required. |
| Fix Text (F-23386r2_fix) |
|---|
| Configure the IT Policy rule Require FIPS Ciphers as specified in the "Checks" block. |