UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must notify the user of organizationally defined security related changes to the user's account occurring during the organizationally defined time period.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000052-NDM-000035 SRG-NET-000052-NDM-000035 SRG-NET-000052-NDM-000035_rule Low
Description
Providing users with information regarding organizationally defined security related changes to the user's account occurring during the organizationally defined time period, allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. Changes to the user account during a specific time period could be an indication of the account being compromised. Hence, without notification to the user, the compromise could go undetected if other controls were not in place to mitigate this risk.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000052-NDM-000035_chk )
Connect to the network device. Note if security changes to the account have been displayed. If security changes to the account are not displayed, this is a finding.
Fix Text (F-SRG-NET-000052-NDM-000035_fix)
Configure the network device to display security changes to an account.