The network element must enforce dual authorization based on organizational policies and procedures for organization-defined privileged commands.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-26724 | SRG-NET-000016 | SV-33967r1_rule | Medium |
| Description |
|---|
| Dual authorization mechanisms require two forms of approval to execute. An organization may determine certain commands or network element configuration changes require dual-authorization before being activated. However, an organization should not employ dual authorization mechanisms when an immediate response is necessary to ensure public and environmental safety. |
| STIG | Date |
|---|---|
| Network Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |