The IDPS must notify the appropriate individuals when accounts are created.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000006-IDPS-000025 | SRG-NET-000006-IDPS-000025 | SRG-NET-000006-IDPS-000025_rule | Low |
| Description |
|---|
| Account management and distribution is vital to the security of any IDPS. Account management by a designated authority ensures access to IDPS components is secured by granting access to only authorized personnel with the appropriate and necessary privileges. Without a formal approval process for the deployment and modification of accounts, personnel without the proper security clearance may gain access to critical network nodes. It is imperative that all personnel who are granted accounts have completed and submitted the proper request forms and have been approved by the designated authority. Auditing account creation, along with an automatic notification to appropriate individuals, will provide the necessary reconciliation that account management procedures are being followed. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43143_chk ) |
|---|
| Navigate to the account management or audit notifications screen on the management console. Verify the list of configured alerts includes a notice for account creation. Verify the notice is sent to a designated system administrator. If the system is not configured to notify the designated system administrator when accounts are created, this is a finding. |
| Fix Text (F-43143_fix) |
|---|
| Configure the management console to send a notification message when to designated system administrators when accounts are created. |