Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-26564 | WIR-WMS-GD-011 | SV-33591r1_rule | IAIA-1 IATS-1 | High |
Description |
---|
CTO 07-15 Rev1 requires that administrator accounts use either CAC authentication or complex passwords to ensure strong access control is enforced. |
STIG | Date |
---|---|
Good Mobility Suite Server (Windows Phone 6.5) Security Technical Implementation Guide | 2011-10-04 |
Check Text ( C-34053r1_chk ) |
---|
Detailed Policy Requirements: One of the following authentication methods must be enforced for system administrator accounts: 1. CAC authentication. 2. The account password must be compliant with CTO 07-15 Rev1: the password must be a 14+ character complex password consisting of at least 2 of the following: upper case letters, lower case letters, numbers, and special characters. The password must be changed every 60 days. Check Procedures: The Good messaging server uses Active Directory authentication for admin accounts to the management console. Site admin accounts are usually set up with user ID/password authentication rather than CAC authentication. Therefore, verify the site AD is set up to require admin accounts to use passwords meeting the requirements of CTO 07-15 Rev1. Discuss with the Network and AD reviewer and site IAO to verify compliance. Mark as a finding if site admin accounts do not meet the requirements. |
Fix Text (F-29731r1_fix) |
---|
Configure required authentication on system administration accounts for wireless management servers. |
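
One way a reviewer could script the check procedure above. This is an added example, not part of the STIG: it evaluates each admin account's effective AD password policy against the 14-character, complex, 60-day requirement, or accepts the account if smart card (CAC) logon is enforced. The account names and policy values are constructed sample data; the comments show the ActiveDirectory module cmdlets that would supply the real objects.

```powershell
# Thresholds from the check text: 14+ characters, complex, changed every 60 days.
$Required = @{ MinLength = 14; MaxAgeDays = 60 }

function Test-AdminPasswordPolicy {
    # $Policy needs MinPasswordLength, MaxPasswordAge (TimeSpan), ComplexityEnabled.
    param([Parameter(Mandatory)] $Policy)
    $gaps = @()
    if ($Policy.MinPasswordLength -lt $Required.MinLength) {
        $gaps += "MinPasswordLength $($Policy.MinPasswordLength) < $($Required.MinLength)"
    }
    # A zero MaxPasswordAge on the domain policy means passwords never expire.
    $age = $Policy.MaxPasswordAge.TotalDays
    if ($age -le 0 -or $age -gt $Required.MaxAgeDays) {
        $gaps += "MaxPasswordAge $age days, required 1-$($Required.MaxAgeDays)"
    }
    # AD complexity demands 3 of 5 character classes, which covers "at least 2".
    if (-not $Policy.ComplexityEnabled) { $gaps += 'ComplexityEnabled is off' }
    return ,$gaps
}

# Constructed sample data standing in for live AD output. On a domain-joined host:
#   $domainPolicy = Get-ADDefaultDomainPasswordPolicy
#   $pso  = Get-ADUserResultantPasswordPolicy -Identity <account>  # empty if no PSO applies
#   $card = (Get-ADUser <account> -Properties SmartcardLogonRequired).SmartcardLogonRequired
$domainPolicy = [pscustomobject]@{
    MinPasswordLength = 8;  MaxPasswordAge = [timespan]::FromDays(90); ComplexityEnabled = $true }
$adminPso = [pscustomobject]@{
    MinPasswordLength = 15; MaxPasswordAge = [timespan]::FromDays(60); ComplexityEnabled = $true }
$admins = @(
    [pscustomobject]@{ Sam = 'gmc-admin1'; Pso = $adminPso; Smartcard = $false }
    [pscustomobject]@{ Sam = 'gmc-admin2'; Pso = $null;     Smartcard = $false }
    [pscustomobject]@{ Sam = 'gmc-admin3'; Pso = $null;     Smartcard = $true  }
)

foreach ($a in $admins) {
    # A fine-grained policy (PSO) overrides the domain default when one applies.
    $effective = if ($a.Pso) { $a.Pso } else { $domainPolicy }
    # Option 1 in the check text (CAC) makes the password rules moot.
    $gaps = if ($a.Smartcard) { @() } else { Test-AdminPasswordPolicy -Policy $effective }
    [pscustomobject]@{
        Account = $a.Sam
        Basis   = if ($a.Smartcard) { 'CAC' } elseif ($a.Pso) { 'PSO' } else { 'Domain default' }
        Finding = [bool]$gaps.Count
        Gaps    = $gaps -join '; '
    }
}
```

With the sample data, only `gmc-admin2` is reported as a finding, because it falls back to the 8-character, 90-day domain default.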