The IDPS must notify the user of the number of successful login attempts to the local device occurring during an organizationally defined time period.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000050-IDPS-000067 | SRG-NET-000050-IDPS-000067 | SRG-NET-000050-IDPS-000067_rule | Low |
| Description |
|---|
| Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43195_chk ) |
|---|
| Have the administrator connect to the management console using the GUI. Note if the number of successful login attempts to the local device occurring during an organizationally defined time period. Have the administrator connect to the maintenance console using the SSH interface. Note if the number of successful login attempts to the local device occurring during an organizationally defined time period. Repeat the above steps for each sensor. If number of successful login attempts to the local device occurring during an organizationally defined time period is not displayed, this is a finding. |
| Fix Text (F-43195_fix) |
|---|
| Configure the IDPS management console GUI and SSH interface to display the number of successful login attempts to the local device occurring during an organizationally defined time period. |