The network must element protect against an individual falsely denying having performed a particular action.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27225	SRG-NET-000108	SV-34524r1_rule		Medium

Description
Non-repudiation of actions taken by an administrator is required in order to maintain integrity of the configuration management process. This requires that all configuration changes to the network element are logged as well as requiring network administrators to authenticate with 2-factor authentication or PKI prior to acquiring administrative access to the network element. Together, these processes will ensure the administrators can be held accountable for the configuration changes they implement.

Description

Non-repudiation of actions taken by an administrator is required in order to maintain integrity of the configuration management process. This requires that all configuration changes to the network element are logged as well as requiring network administrators to authenticate with 2-factor authentication or PKI prior to acquiring administrative access to the network element. Together, these processes will ensure the administrators can be held accountable for the configuration changes they implement.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None