UCF STIG Viewer Logo

The IDPS must automatically terminate temporary accounts after an organizationally defined time period for each type of account.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000002-IDPS-000023 SRG-NET-000002-IDPS-000023 SRG-NET-000002-IDPS-000023_rule Medium
Description
Authentication for administrative access to the device is required at all times. Temporary accounts can be used for vendor support in order to perform diagnostics. There is a risk the temporary account may remain in place and active after the vendor support team has left. Temporary accounts could have the highest privilege level which would enable an administrator to gain unauthorized privileges to the device. This requirement is applicable for temporary accounts created for temporary use for vendor support in order to perform diagnostics.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43141_chk )
Verify the IDPS is capable of setting automatic expiration for temporary accounts.
Work with the site representative to view any temporary accounts that are configured.

If the IDPS components do not automatically terminate temporary accounts after an organizationally defined time period based on the type of account, this is a finding.
Fix Text (F-43141_fix)
Delete all temporary accounts that are no longer needed.
Configure the IDPS to automatically terminate temporary accounts after an organizationally defined time period based on the type of account,