Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network device must dynamically manage identifiers, attributes, and associated access authorizations.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000152-NDM-000109 | SRG-NET-000152-NDM-000109 | SRG-NET-000152-NDM-000109_rule | Medium |
| Description |
|---|
| This control addresses dynamic management of account identifiers. Identifiers identify an individual, group, role, or device. Common device identifiers include, but are not limited to, media access control (MAC), Internet protocol (IP) addresses, or device-unique token identifiers. User identifiers are the names of the information system accounts associated with specific individuals. Dynamic establishment of new identifiers and their associated authorizations will occur while the system is operational. New identifiers or changes to existing identifiers must take effect without the need for a system or session restart. Pre-established trust relationships and mechanisms with appropriate authorities (e.g., Active Directory or AAA server) which validate each identifier are essential to prevent unauthorized access by changed or revoked accounts. Dynamic functionality also prevents disruption of operations by minimizing the need for system restarts. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000152-NDM-000109_chk ) |
|---|
| Verify the network device dynamically manages identifiers, attributes, and access authorizations. If the network device does not dynamically manage identifiers, attributes, and associated access authorizations, this is a finding. |
| Fix Text (F-SRG-NET-000152-NDM-000109_fix) |
|---|
| Configure the network device to dynamically manage identifiers, attributes, and associated access authorizations. |