UCF STIG Viewer Logo

The IDPS must notify the user of the number of successful login attempts occurring during an organizationally defined time period.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34517 SRG-NET-000050-IDPS-00044 SV-45359r1_rule Low
Description
Users must be aware of access activity regarding their account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2012-11-19

Details

Check Text ( C-42707r1_chk )
Initiate a failed logon attempt using the target user's account followed by a successful attempt for the same user account.

If the number of successful login attempts to the local device that happens during an organizationally defined time period is not displayed, this is a finding.
Fix Text (F-38755r1_fix)
Configure the IDPS management console to display the number of successful login attempts to the local device occurring during an organizationally defined time period.