UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55113 SRG-APP-000163-NDM-000251 SV-69359r1_rule Medium
Description
Inactive identifiers pose a risk to network devices. Attackers that are able to exploit an inactive identifier can potentially obtain and maintain undetected access to the device. Owners of inactive accounts will not notice if unauthorized access to their account has been obtained. Network devices need to track periods of inactivity and disable application identifiers after 35 days of inactivity.
STIG Date
Network Device Management Security Requirements Guide 2015-06-26

Details

Check Text ( C-55935r1_chk )
Determine if the network device disables identifiers after 35 days of inactivity. This requirement may be verified by configuration review or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server.

If identifiers are not disabled after 35 days of inactivity, this is a finding.
Fix Text (F-60179r1_fix)
Configure the network device or its associated authentication server to disable identifiers after 35 days of inactivity.