| V-76457 | | Upon successful login, the Akamai Luna Portal must notify the administrator of the date and time of the last login. | Administrators need to be aware of activity that occurs regarding their network device management account. Providing administrators with information r... |
| V-76459 | | The Akamai Luna Portal must notify the administrator of the number of successful login attempts. | Administrators need to be aware of activity that occurs regarding their network device management account. Providing administrators with information r... |
| V-76461 | | The Akamai Luna Portal must initiate a session logoff after a 15-minute period of inactivity. | A session lock is a temporary network device or administrator-initiated action taken when the administrator stops work but does not log out of the net... |
| V-76463 | | The Akamai Luna Portal must automatically audit account creation. | Upon gaining access to a network device, an attacker will often first attempt to create a persistent method of reestablishing access. One way to accom... |
| V-76465 | | The Akamai Luna Portal must automatically audit account modification. | Since the accounts in the network device are privileged or system-level accounts, account management is vital to the security of the network device. A... |
| V-76467 | | The Akamai Luna Portal must automatically audit account removal actions. | Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting access to only authorized pers... |
| V-76469 | | The Akamai Luna Portal must generate alerts that can be forwarded to the SAs and ISSO when accounts are created. | Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way t... |
| V-76471 | | The Akamai Luna Portal must generate alerts that can be forwarded to the SAs and ISSO when accounts are modified. | Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way t... |
| V-76473 | | The Akamai Luna Portal must generate alerts that can be forwarded to the SAs and ISSO when accounts are removed. | When application accounts are removed, administrator accessibility is affected. Accounts are used for identifying individual device administrators or ... |
| V-76475 | | The Akamai Luna Portal must automatically audit account enabling actions. | Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way t... |
| V-76477 | | The Akamai Luna Portal must notify the SAs and ISSO when accounts are created, or enabled when previously disabled. | Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way t... |
| V-76479 | | The Akamai Luna Portal must audit the execution of privileged functions. | Misuse of privileged functions, either intentionally or unintentionally by authorized users or by unauthorized external entities that have compromised... |
| V-76485 | | The Akamai Luna Portal must enforce a minimum 15-character password length. | Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password ... |
| V-76487 | | If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one upper-case character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-76489 | | If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one lower-case character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-76491 | | If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one numeric character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-76493 | | If multifactor authentication is not supported and passwords must be used, the Akamai Luna Portal must enforce password complexity by requiring that at least one special character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure... |
| V-76495 | | The Akamai Luna Portal must enforce a 60-day maximum password lifetime restriction. | Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed at specific intervals.
One method of minimizi... |
| V-76497 | | The Akamai Luna Portal must prohibit password reuse for a minimum of five generations. | Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
To meet... |
| V-76499 | | The Akamai Luna Portal must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 15 minutes of inactivity except to fulfill documented and validated mission requirements. | Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management se... |
| V-76481 | | The Akamai Luna Portal must provide audit record generation capability for DoD-defined auditable events within the network device. | Without the capability to generate audit records, it would be difficult to establish, correlate, and investigate the events relating to an incident or... |
| V-76483 | | The Akamai Luna Portal must generate audit records when successful/unsuccessful attempts to access privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlat... |
| V-76501 | | The Akamai Luna Portal must employ Security Assertion Markup Language (SAML) to automate central management of administrators. | The use of authentication servers or other centralized management servers for providing centralized authentication services is required for network de... |
| V-76503 | | The Akamai Luna Portal must employ Single Sign On (SSO) with Security Assertion Markup Language (SAML) integration to verify authentication settings. | The use of authentication servers or other centralized management servers for providing centralized authentication services is required for network de... |
