Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IDPS must automatically terminate temporary accounts after an organizationally defined time period for each type of account.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000002-IDPS-000023 | SRG-NET-000002-IDPS-000023 | SRG-NET-000002-IDPS-000023_rule | Medium |
| Description |
|---|
| Authentication for administrative access to the device is required at all times. Temporary accounts can be used for vendor support in order to perform diagnostics. There is a risk the temporary account may remain in place and active after the vendor support team has left. Temporary accounts could have the highest privilege level which would enable an administrator to gain unauthorized privileges to the device. This requirement is applicable for temporary accounts created for temporary use for vendor support in order to perform diagnostics. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43141_chk ) |
|---|
| Verify the IDPS is capable of setting automatic expiration for temporary accounts. Work with the site representative to view any temporary accounts that are configured. If the IDPS components do not automatically terminate temporary accounts after an organizationally defined time period based on the type of account, this is a finding. |
| Fix Text (F-43141_fix) |
|---|
| Delete all temporary accounts that are no longer needed. Configure the IDPS to automatically terminate temporary accounts after an organizationally defined time period based on the type of account, |