Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network device must use automated mechanisms to restrict the use of maintenance tools to authorized personnel only.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000172-NDM-000131 | SRG-NET-000172-NDM-000131 | SRG-NET-000172-NDM-000131_rule | Medium |
| Description |
|---|
| This requirement addresses security-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Maintenance tools include hardware/software diagnostic test equipment and hardware/software packet sniffers. Maintenance tools connecting to a network device may contain malware or insert unauthorized capabilities; therefore, their use must be restricted to authorized personnel. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000172-NDM-000131_chk ) |
|---|
| Verify the network device restricts the use of maintenance tools to authorized system administrators. If the use of maintenance tools is not restricted to authorized personnel only, this is a finding. |
| Fix Text (F-SRG-NET-000172-NDM-000131_fix) |
|---|
| Configure the network device to restrict access to maintenance tools for the network device to authorized system administrators. |