Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Accounts must be removed from the IDPS, when no longer required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000060-IDPS-000009 | SRG-NET-000060-IDPS-000009 | SRG-NET-000060-IDPS-000009_rule | Low |
| Description |
|---|
| Allowing unnecessary or unauthorized accounts may allow for them to be compromised by unauthorized users who could then gain full control of the device. DoS attacks, interception of sensitive information or other destructive actions could then take place. User accounts, group members, and system defined on the IDPS must be necessary for the use of current users and operations. If unused accounts exist, then unauthorized individuals may compromise information flow and access control attributes, thus adversely impacting network availability or gain unauthorized access to the information. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43120_chk ) |
|---|
| Obtain a list of authorized IDPS system administrators and other organizationally defined accounts from the site representative. Obtain a list of needed system accounts from the vendor documentation. View the account management function to reconcile the needed accounts with unnecessary accounts. If unneeded accounts are defined in the IDPS user management function, this is a finding. |
| Fix Text (F-43120_fix) |
|---|
| Remove unneeded accounts from the device or the authentication server. |