UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must use automated mechanisms to restrict the use of maintenance tools to authorized personnel only.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000172-NDM-000131 SRG-NET-000172-NDM-000131 SRG-NET-000172-NDM-000131_rule Medium
Description
This requirement addresses security-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Maintenance tools include hardware/software diagnostic test equipment and hardware/software packet sniffers. Maintenance tools connecting to a network device may contain malware or insert unauthorized capabilities; therefore, their use must be restricted to authorized personnel.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000172-NDM-000131_chk )
Verify the network device restricts the use of maintenance tools to authorized system administrators.

If the use of maintenance tools is not restricted to authorized personnel only, this is a finding.
Fix Text (F-SRG-NET-000172-NDM-000131_fix)
Configure the network device to restrict access to maintenance tools for the network device to authorized system administrators.