UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must ensure administrators are authenticated with an individual authenticator prior to using a group authenticator.


Overview

Finding ID Version Rule ID IA Controls Severity
V-55109 SRG-APP-000153-NDM-000249 SV-69355r1_rule Medium
Description
To assure individual accountability and prevent unauthorized access, administrators must be individually identified and authenticated. Individual accountability mandates that each administrator is uniquely identified. A group authenticator is a shared account or some other form of authentication that allows multiple unique individuals to access the network device using a single account. If a device allows or provides for group authenticators, it must first individually authenticate administrators prior to implementing group authenticator functionality. Some devices may not have the need to provide a group authenticator; this is considered a matter of device design. In those instances where the device design includes the use of a group authenticator, this requirement will apply. This requirement applies to accounts created and managed on or by the network device.
STIG Date
Network Device Management Security Requirements Guide 2017-12-28

Details

Check Text ( C-55733r1_chk )
Determine if the network device ensures that administrators are authenticated with an individual authenticator prior to using a group authenticator. This requirement may be verified by demonstration, configuration review, or validated test results. If the network device does not authenticate administrators with an individual authenticator prior to using a group authenticator, this is a finding.
Fix Text (F-59975r1_fix)
Configure the network device to ensure administrators are authenticated with an individual authenticator prior to using a group authenticator.