The operating system must notify the user of the number of successful logins/accesses that occur during the organization defined time period.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33244	SRG-OS-000233-NA	SV-43662r1_rule		Medium

Description
Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the number of successful attempts made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. Rationale for non-applicability: Resource constraints on mobile devices preclude implementation of all IA functions. The applicability of this control may be reconsidered at a future date if subsequent generations of mobile devices are better able to support this control and the applications and data typically on the device justify its implementation.

Description

Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the number of successful attempts made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. Rationale for non-applicability: Resource constraints on mobile devices preclude implementation of all IA functions. The applicability of this control may be reconsidered at a future date if subsequent generations of mobile devices are better able to support this control and the applications and data typically on the device justify its implementation.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41540r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-37174r1_fix)
The requirement is NA. No fix is required.