The network device must notify the administrator of the number of successful login attempts occurring during an organization-defined time period.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-55291 | SRG-APP-000516-NDM-000332 | SV-69537r1_rule | Medium |
| Description |
|---|
| Administrators need to be aware of activity that occurs regarding their network device management account. Providing administrators with information regarding the date and time of their last successful login allows the administrator to determine if any unauthorized activity has occurred. This incorporates all methods of login including, but not limited to, SSH, HTTP, HTTPS, and physical connectivity. The organization-defined time period is dependent on the frequency with which administrators typically log in to the network device. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2017-07-07 |
Details
| Check Text ( C-55911r1_chk ) |
|---|
| Determine if the network device notifies the administrator of the number of successful login attempts occurring during an organization-defined time period. This can be accomplished by connecting to the network device and noting if the number of successful login attempts is displayed. If the administrator is not notified of the number of successful login attempts occurring during an organization-defined time period, this is a finding. |
| Fix Text (F-60155r1_fix) |
|---|
| Configure the network device to notify the administrator of the number of successful login attempts occurring during an organization-defined time period. |