Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Group accounts must not be configured or used for administrative access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3056 | NET0460 | SV-3056r4_rule | IAIA-1 IAIA-2 | High |
| Description |
|---|
| Group accounts on any device are strictly prohibited. If these group accounts are not changed when someone leaves the group, that person could possibly gain control of the network device. Having group accounts does not allow for proper auditing of who is accessing or changing the network. |
| STIG | Date |
|---|---|
| WLAN Bridge Security Technical Implementation Guide (STIG) | 2013-03-14 |
Details
| Check Text ( C-3503r8_chk ) |
|---|
| Review the network device configuration and validate there are no group accounts configured for administrative access. |
| Fix Text (F-3081r7_fix) |
|---|
| Configure individual user accounts for each authorized administrator then remove or disable any group accounts with administrative access. |