Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6645 | SAN04.017.00 | SV-6791r1_rule | High |
Description |
---|
Without password protection malicious users can create a denial of service by disrupting the SAN or allow the compromise of sensitive date by reconfiguring the SAN topography. The IAO/NSO will ensure that all SAN management consoles and ports are password protected. |
STIG | Date |
---|---|
Storage Area Network STIG | 2018-10-03 |
Check Text ( C-2571r1_chk ) |
---|
The reviewer will, with the assistance of the IAO/NSO, verify that all SAN management consoles and ports are password protected. |
Fix Text (F-6248r1_fix) |
---|
Develop a plan for implementing password protection on the SAN’s management consoles and ports. Obtain CM approval of the plan and execute the plan. |