UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must automatically audit account modification.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33250 SRG-OS-000239-NA SV-43668r1_rule Medium
Description
Once an attacker establishes initial access to a system, they often attempt to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply modify an existing account. Rationale for non-applicability: For the purposes of this SRG, a mobile operating system is assumed to support a single human-accessible user account. Traditional auditing of account management functions is not required in this context.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41546r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-37180r1_fix)
The requirement is NA. No fix is required.