UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must enforce a Discretionary Access Control (DAC) policy that limits propagation of access rights.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000306-NDM-000191 SRG-NET-000306-NDM-000191 SRG-NET-000306-NDM-000191_rule Low
Description
Access control policies (e.g., identity-based policies, role-based policies) and access enforcement mechanisms (e.g., access control lists, policy maps, and cryptography) are used to control access between users and objects (e.g., devices, data, and destination addresses) within the network. Without these security policies, access control and enforcement mechanisms will not prevent unauthorized access to user account information, system logs, and other files.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000306-NDM-000191_chk )
Verify the site has configured the network device to implement DAC. Access could be granted based on file types, location, metadata, or source/destination IP address.

If DAC techniques are not used for security control, this is a finding.
Fix Text (F-SRG-NET-000306-NDM-000191_fix)
Configure the network device using DAC as required by organizationally defined policies.