The network device must separate user functionality (including user interface services) from information system management functionality.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000182-NDM-000141	SRG-NET-000182-NDM-000141	SRG-NET-000182-NDM-000141_rule		Low

Description
The network device must prevent the presentation of information system management functionality at an interface for general (i.e., non-privileged) users. The intent of this control enhancement is to ensure administration options are not available to general or unauthorized users (including prohibiting the use of the grey-out option commonly used to eliminate accessibility to such information). For example, administration options are not presented until the user has appropriately established a session with administrator privileges.

Description

The network device must prevent the presentation of information system management functionality at an interface for general (i.e., non-privileged) users. The intent of this control enhancement is to ensure administration options are not available to general or unauthorized users (including prohibiting the use of the grey-out option commonly used to eliminate accessibility to such information). For example, administration options are not presented until the user has appropriately established a session with administrator privileges.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000182-NDM-000141_chk )
Verify the network device separates user functionality from information system management functionality. If the network device separates user functionality from information system management functionality, this is a finding.

Fix Text (F-SRG-NET-000182-NDM-000141_fix)
Configure the network device to separate user functionality from information system management functionality.