Upon successful login, the network device must notify the user of the date and time of the last login.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000048-NDM-000031 | SRG-NET-000048-NDM-000031 | SRG-NET-000048-NDM-000031_rule | Low |
| Description |
|---|
| Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. This incorporates all methods of login including, but not limited to, SSH, HTTP, HTTPS, and physical connectivity. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000048-NDM-000031_chk ) |
|---|
| Connect to the network device. Note if the date and time of last login is displayed. If the date and time of the last login of the user is not displayed upon login, this is a finding. |
| Fix Text (F-SRG-NET-000048-NDM-000031_fix) |
|---|
| Configure the network device to display the date and time of the last login by the user upon successful login. |