UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must dynamically manage identifiers, attributes, and associated access authorizations.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000152-NDM-000109 SRG-NET-000152-NDM-000109 SRG-NET-000152-NDM-000109_rule Medium
Description
This control addresses dynamic management of account identifiers. Identifiers identify an individual, group, role, or device. Common device identifiers include, but are not limited to, media access control (MAC), Internet protocol (IP) addresses, or device-unique token identifiers. User identifiers are the names of the information system accounts associated with specific individuals. Dynamic establishment of new identifiers and their associated authorizations will occur while the system is operational. New identifiers or changes to existing identifiers must take effect without the need for a system or session restart. Pre-established trust relationships and mechanisms with appropriate authorities (e.g., Active Directory or AAA server) which validate each identifier are essential to prevent unauthorized access by changed or revoked accounts. Dynamic functionality also prevents disruption of operations by minimizing the need for system restarts.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000152-NDM-000109_chk )
Verify the network device dynamically manages identifiers, attributes, and access authorizations. If the network device does not dynamically manage identifiers, attributes, and associated access authorizations, this is a finding.
Fix Text (F-SRG-NET-000152-NDM-000109_fix)
Configure the network device to dynamically manage identifiers, attributes, and associated access authorizations.