Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-8558 | DSN06.05 | SV-9055r1_rule | ECLP-1 ECSC-1 | Medium |
Description |
---|
Requirement: The IAO will ensure that all systems and devices employ a role-based Discretionary Access Control system used to control access to OAM&P / NM systems, the devices they manage, and their command classes for administrative and maintenance users commensurate with their assigned responsibilities. To ensure system security, all assigned administrator and maintenance user account privileges must be limited to perform their specific function. Furthermore, super user access is to be held to a minimum and assigned to only those most knowledgeable of the system. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2015-08-11 |
Check Text ( C-7372r1_chk ) |
---|
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable. |
Fix Text (F-7968r1_fix) |
---|
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy. |