UCF STIG Viewer Logo

Accounts must be removed from the IDPS, when no longer required.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000060-IDPS-000009 SRG-NET-000060-IDPS-000009 SRG-NET-000060-IDPS-000009_rule Low
Description
Allowing unnecessary or unauthorized accounts may allow for them to be compromised by unauthorized users who could then gain full control of the device. DoS attacks, interception of sensitive information or other destructive actions could then take place. User accounts, group members, and system defined on the IDPS must be necessary for the use of current users and operations. If unused accounts exist, then unauthorized individuals may compromise information flow and access control attributes, thus adversely impacting network availability or gain unauthorized access to the information.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43120_chk )
Obtain a list of authorized IDPS system administrators and other organizationally defined accounts from the site representative.
Obtain a list of needed system accounts from the vendor documentation.
View the account management function to reconcile the needed accounts with unnecessary accounts.

If unneeded accounts are defined in the IDPS user management function, this is a finding.
Fix Text (F-43120_fix)
Remove unneeded accounts from the device or the authentication server.