
The network device must disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.


Overview

Finding ID: V-55113
Version: SRG-APP-000163-NDM-000251
Rule ID: SV-69359r1_rule
IA Controls: (none)
Severity: Medium
Description
Inactive identifiers pose a risk to network devices. Attackers who are able to exploit an inactive identifier can potentially obtain and maintain undetected access to the device. Owners of inactive accounts will not notice if unauthorized access to their account has been obtained. Network devices need to track periods of inactivity and disable application identifiers after 35 days of inactivity.
STIG Date
Network Device Management Security Requirements Guide 2015-06-26

Details

Check Text (C-55935r1_chk)
Determine if the network device disables identifiers after 35 days of inactivity. This requirement may be verified by configuration review or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server.

If identifiers are not disabled after 35 days of inactivity, this is a finding.
Fix Text (F-60179r1_fix)
Configure the network device or its associated authentication server to disable identifiers after 35 days of inactivity.