Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IAO/NSO will ensure all user accounts are assigned the lowest privilege level that allows them to perform their duties.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3057 | NET0465 | SV-3057r6_rule | ECSC-1 | Medium |
| Description |
|---|
| By not restricting administrators and operations personnel to their proper privilege levels, access to restricted functions may be allowed before they are trained or experienced enough to use those functions. Network disruptions or outages could be caused by mistakes made by inexperienced administrators. |
| STIG | Date |
|---|---|
| WLAN Bridge Security Technical Implementation Guide | 2011-10-10 |
Details
| Check Text ( C-3504r3_chk ) |
|---|
| BASE Procedure: The levels can be mapped to commands, which have set privilege levels--or you can reassign levels to commands. Usernames with corresponding passwords can be set to a specific level. |
| Fix Text (F-3082r3_fix) |
|---|
| The administrator will assign accounts with the least privilege rule. Each user will have access to only the privileges they require to perform their respective duties. Access to the highest privilege levels should be restricted to a few users. |