STIGQter: STIG Summary: Splunk Enterprise 7.x for Windows Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

Splunk Enterprise must enforce a minimum 15-character password length for the account of last resort.

DISA Rule

SV-221632r508660_rule

Vulnerability Number

V-221632

Group Title

SRG-APP-000164-AU-002480

Rule Version

SPLK-CL-000360

Severity

CAT II

CCI(s)

CCI-000205 - The information system enforces minimum password length.

Weight

Fix Recommendation

Select Settings >> Access Controls >>Password Policy Management and set Minimum characters to 15 or more.

Check Contents

Select Settings >> Access Controls >> Password Policy Management and verify that Minimum characters is set to 15 or more.

If Minimum characters is less than 15, this is a finding.

Vulnerability Number

V-221632

Documentable

False

Rule Version

SPLK-CL-000360

Severity Override Guidance

Select Settings >> Access Controls >> Password Policy Management and verify that Minimum characters is set to 15 or more.

If Minimum characters is less than 15, this is a finding.

Check Content Reference

Target Key

4082

Splunk Enterprise must enforce a minimum 15-character password length for the account of last resort.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments