Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
iSCSI passwords are not compliant with DoD policy.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15791 | ESX0090 | SV-16730r1_rule | Medium |
| Description |
|---|
| Storage administrators will protect storage configuration data from unauthorized users by using passwords that are in accordance with the policy in DoDI 8500.2 |
| STIG | Date |
|---|---|
| VMware ESX 3 Server | 2016-05-13 |
Details
| Check Text ( C-15978r1_chk ) |
|---|
| Work with the system administrator to determine compliance. Request the system administrator login to the iSCSI storage device and verify that the password is 14 characters. Review the complexity requirements are met by reviewing the configuration with the system administrator. The complexity requirements are one upper case letter, one lower case letter, one special character, and one number. If the password does not meet these requirements, this is a finding. |
| Fix Text (F-15733r1_fix) |
|---|
| Configure all iSCSI passwords according to DoD policy. |