UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must notify the administrator of changes to access and/or privilege parameters of the administrators account that occurred since the last logon.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55065 SRG-APP-000079-NDM-000219 SV-69311r1_rule Medium
Description
Providing administrators with information regarding security-related changes to their account allows them to determine if any unauthorized activity has occurred. Changes to the account could be an indication of the account being compromised. Hence, without notification to the administrator, the compromise could go undetected if other controls were not in place to mitigate this risk.
STIG Date
Network Device Management Security Requirements Guide 2016-07-07

Details

Check Text ( C-55687r1_chk )
Determine if the network device notifies the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon. This requirement may be verified by demonstration, configuration review, or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server. If the administrator is not notified of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon, this is a finding.
Fix Text (F-59931r1_fix)
Configure the network device to notify the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon.