Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000182-NDM-000141 | SRG-NET-000182-NDM-000141 | SRG-NET-000182-NDM-000141_rule | Low |
Description |
---|
The network device must prevent the presentation of information system management functionality at an interface for general (i.e., non-privileged) users. The intent of this control enhancement is to ensure administration options are not available to general or unauthorized users (including prohibiting the use of the grey-out option commonly used to eliminate accessibility to such information). For example, administration options are not presented until the user has appropriately established a session with administrator privileges. |
STIG | Date |
---|---|
Network Device Management Security Requirements Guide | 2013-07-30 |
Check Text ( C-SRG-NET-000182-NDM-000141_chk ) |
---|
Verify the network device separates user functionality from information system management functionality. If the network device separates user functionality from information system management functionality, this is a finding. |
Fix Text (F-SRG-NET-000182-NDM-000141_fix) |
---|
Configure the network device to separate user functionality from information system management functionality. |