The network device must notify the administrator of changes to access and/or privilege parameters of the administrators account that occurred since the last logon.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-55065 | SRG-APP-000079-NDM-000219 | SV-69311r1_rule | Medium |
| Description |
|---|
| Providing administrators with information regarding security-related changes to their account allows them to determine if any unauthorized activity has occurred. Changes to the account could be an indication of the account being compromised. Hence, without notification to the administrator, the compromise could go undetected if other controls were not in place to mitigate this risk. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2017-07-07 |
Details
| Check Text ( C-55687r1_chk ) |
|---|
| Determine if the network device notifies the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon. This requirement may be verified by demonstration, configuration review, or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server. If the administrator is not notified of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon, this is a finding. |
| Fix Text (F-59931r1_fix) |
|---|
| Configure the network device to notify the administrator of changes to access and/or privilege parameters of the administrator's account that occurred since the last logon. |