Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-7970 | DSN13.15 | SV-8456r1_rule | ECSC-1 | Medium |
Description |
---|
Requirement: The IAO will ensure that tests are performed for crash-restart vulnerabilities and develop procedures to eliminate vulnerabilities found (i.e., ensure ENHANCED_PASSWORD_CONTROL is active to prevent system logons after restart on Nortel switches). Some systems reset to default settings (i.e. users names, passwords, user access privileges) when a re-boot is initiated. If this is the case and a restart occurs and action is not taken to reset default settings, the risk is increased for unauthorized access. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2017-01-19 |
Check Text ( C-4163r1_chk ) |
---|
ensure ENHANCED_PASSWORD_CONTROL is active to prevent system logons after restart on Nortel switches |
Fix Text (F-7968r1_fix) |
---|
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy. |