UCF STIG Viewer Logo

Authentication on system administration accounts for wireless management servers must be configured.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26564 WIR-WMS-GD-011 SV-33591r1_rule IAIA-1 IATS-1 High
Description
CTO 07-15Rev1 requires administrator accounts use either CAC authentication or use complex passwords to ensure strong access control is enforced.
STIG Date
Good Mobility Suite Server (Android OS) Security Technical Implementation Guide 2011-12-14

Details

Check Text ( C-34053r1_chk )
Detailed Policy Requirements:
One of the following authentications methods must be enforced for system administrator accounts:

1. CAC authentication.

2. The account password must be compliant with CTO 07-15 Rev1.
–Password must be a 14+ character complex password consisting of at least 2 of the following: upper case letter, lower case letter, numbers, and special characters. The password must be changed every 60 days.

Check Procedures:
The Good messaging server uses Active Directory authentication for admin accounts to the management console. Site admin accounts are usually set up with a user ID/password authentication rather than CAC authentication. Therefore, verify the site AD is set up to require admin accounts to use passwords meeting the requirements of CTO 07-15Rev1. Discuss with the Network and AD reviewer and site IAO to verify compliance.

Mark as a finding if site admin accounts do not meet the requirements.
Fix Text (F-29731r1_fix)
Configure required authentication on system administration accounts for wireless management servers.