Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The operating system must enforce the organization defined limit of consecutive invalid access attempts by a user during the organization defined time period.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32932 | SRG-OS-000021-NA | SV-43330r1_rule | Medium |
| Description |
|---|
| Anytime an authentication method is exposed, allowing for the utilization of an operating system, there is a risk that attempts will be made to obtain unauthorized access. Rationale for non-applicability: This vulnerability is better addressed by CCI-001383, which requires purging information from the device after multiple unsuccessful unlock attempts to the mobile device. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-41238r1_chk ) |
|---|
| This requirement is NA for the Mobile OS SRG. |
| Fix Text (F-36848r1_fix) |
|---|
| The requirement is NA. No fix is required. |