UCF STIG Viewer Logo

Authentication on system administration accounts for wireless management servers must be configured.


Finding ID Version Rule ID IA Controls Severity
V-26564 WIR-WMS-GD-011 SV-33591r1_rule IAIA-1 IATS-1 High
CTO 07-15Rev1 requires administrator accounts use either CAC authentication or use complex passwords to ensure strong access control is enforced.
Good Mobility Suite Server (Android OS) Security Technical Implementation Guide 2011-12-14


Check Text ( C-34053r1_chk )
Detailed Policy Requirements:
One of the following authentications methods must be enforced for system administrator accounts:

1. CAC authentication.

2. The account password must be compliant with CTO 07-15 Rev1.
–Password must be a 14+ character complex password consisting of at least 2 of the following: upper case letter, lower case letter, numbers, and special characters. The password must be changed every 60 days.

Check Procedures:
The Good messaging server uses Active Directory authentication for admin accounts to the management console. Site admin accounts are usually set up with a user ID/password authentication rather than CAC authentication. Therefore, verify the site AD is set up to require admin accounts to use passwords meeting the requirements of CTO 07-15Rev1. Discuss with the Network and AD reviewer and site IAO to verify compliance.

Mark as a finding if site admin accounts do not meet the requirements.
Fix Text (F-29731r1_fix)
Configure required authentication on system administration accounts for wireless management servers.