Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-55249 | SRG-APP-000390-NDM-000307 | SV-69495r1_rule | Medium |
Description |
---|
Without re-authenticating devices, unidentified or unknown devices may be introduced; thereby facilitating malicious activity. |
STIG | Date |
---|---|
Network Device Management Security Requirements Guide | 2015-06-26 |
Check Text ( C-55869r1_chk ) |
---|
Check to see if the network device requires devices to re-authenticate when authenticators change. This requirement may be verified by demonstration, configuration review, or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server. If devices are not required to re-authenticate when authenticators change, this is a finding. |
Fix Text (F-60113r1_fix) |
---|
Configure the network device to require devices to re-authenticate when authenticators change. |