
The network element must require users of information system accounts, or roles, with access to organizationally defined security functions or security relevant information, use non-privileged accounts or roles, when accessing non-security functions.


Overview

Finding ID: V-34504
Version: SRG-NET-000035-IDPS-NA
Rule ID: SV-45346r1_rule
IA Controls:
Severity: Medium
Description
The concept of least privilege is also applied to information system processes, ensuring that the processes operate at privilege levels no higher than necessary to accomplish required organizational missions and/or functions. Accounts used to perform security-related functions on the IDPS components must not be used to perform non-privileged functions on the IDPS. Security functions include, for example, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. Non-privileged security functions are not authorized on the IDPS components regardless of configuration.
STIG: Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide
Date: 2012-11-19

Details

Check Text (C-42696r1_chk)
This requirement is NA for IDPS. No fix required.
Fix Text (F-38742r1_fix)
This requirement is NA for IDPS. No fix required.