Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The LockOutRealm must be configured with a login lockout time of 15 minutes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-224784 | ISEC-06-550310 | SV-224784r505933_rule | Medium |
| Description |
|---|
| LockOutRealm prevents brute force attacks against user passwords. Removal of unneeded or non-secure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. Access to LockOutRealm must be configured to control login attempts by local accounts. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or non-secure. |
| STIG | Date |
|---|---|
| ISEC7 Sphere Security Technical Implementation Guide | 2020-09-04 |
Details
| Check Text ( C-26475r461608_chk ) |
|---|
| Verify the lockOutTime parameter is set to 900 in the LockOutRealm configuration. Login to the ISEC7 EMM Suite server. Navigate to Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Verify the lockOutTime parameter is set to 900 in the following file: If the lockOutTime parameter is not set to 900 in the LockOutRealm configuration, this is a finding. |
| Fix Text (F-26463r461609_fix) |
|---|
| Add lockOutTime parameter to the LockOutRealm configuration: Login to the ISEC7 EMM Suite server. Navigate to Open the server.xml file with Notepad. Select Edit>Find and search for LockOutRealm. Add the following line is in the server.xml file: Restart the ISEC7 EMM Suite Web service in the services.msc |