The network device must notify the user of the number of unsuccessful login attempts occurring during an organizationally defined time period.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000051-NDM-000034 | SRG-NET-000051-NDM-000034 | SRG-NET-000051-NDM-000034_rule | Low |
| Description |
|---|
| Providing users with information regarding the number of unsuccessful login attempts to the local device that have occurred over an organizationally defined time period. Without this information, the user may not become aware that unauthorized activity has occurred. This incorporates all methods of login including, but not limited to, SSH, HTTP, HTTPS, and physical connectivity. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000051-NDM-000034_chk ) |
|---|
| Connect to the network device. Note the number of unsuccessful login attempts occurring during an organizationally defined time period. If the number of unsuccessful login attempts that occur during an organizationally defined time period is not displayed, this is a finding. |
| Fix Text (F-SRG-NET-000051-NDM-000034_fix) |
|---|
| Configure the network device to display the number of unsuccessful login attempts occurring during an organizationally defined time period. |