Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-242233 | TIPP-NM-000012 | SV-242233r710706_rule | Low |
Description |
---|
Device management includes the ability to control the number of administrators and management sessions that manage a device. Requiring authentication for auto reconnecting expired administrator sessions is a best practice that lowers the risk of DoS attacks. |
STIG | Date |
---|---|
Trend Micro TippingPoint NDM Security Technical Implementation Guide | 2021-06-09 |
Check Text ( C-45508r710704_chk ) |
---|
1. Log in to the SMS client. 2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". 3. Verify the option for "Auto reconnect client to server after a disconnect occurs" is unchecked. If the TippingPoint SMS does not disable auto reconnect after disconnect, this is a finding. |
Fix Text (F-45466r710705_fix) |
---|
1. Log in to the SMS client. 2. Select >> "Edit" >> "Preferences". Select "Security" Under "Client Preferences". Uncheck "Auto reconnect client to server after a disconnect occurs". 3. Click OK. |