UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must generate alerts that can be forwarded to the administrators and IAO when accounts are disabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55189 SRG-APP-000293-NDM-000277 SV-69435r1_rule Medium
Description
When application accounts are disabled, administrator accessibility is affected. Accounts are utilized for identifying individual device administrators or for identifying the device processes themselves. In order to detect and respond to events that affect administrator accessibility and device processing, devices must audit account disabling actions and, as required, notify the appropriate individuals so they can investigate the event. Such a capability greatly reduces the risk that device accessibility will be negatively affected for extended periods of time and also provides logging that can be used for forensic purposes.
STIG Date
Network Device Management Security Requirements Guide 2015-12-20

Details

Check Text ( C-55811r1_chk )
Determine if the network device generates alerts that can be forwarded to the administrators and IAO when accounts are disabled. This requirement may be verified by demonstration or configuration review. If the network device is configured to use an authentication server which would perform this function, this is not a finding. If alerts are not generated when accounts are disabled and forwarded to the administrators and IAO, this is a finding.
Fix Text (F-60055r1_fix)
Configure the network device or its associated authentication server to send a notification message to the administrators and IAO when accounts are disabled.