STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 20 Nov 2020

Forescout must terminate the account of last resort password when members with access to the password leave the group.

DISA Rule

SV-230931r615886_rule

Vulnerability Number

V-230931

Group Title

SRG-APP-000317-NDM-000282

Rule Version

FORE-NM-000020

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Establish and document a procedure that requires the changing of the account of last resort and root account password when users with knowledge of the password leave the group.

To change the password:
1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> Console Preferences >> Password and Sessions.
3. Click the Password tab.
4. Click "User must change password at next logon if changed by admin user".
Note: The next time the account of last resort is accessed, the user will be prompted to change their password.

Note: Use of a cryptographically generated password is recommended. The password must be stored in a locked safe and used only when necessary, since individual accounts are required to be used to ensure non-repudiation.

Check Contents

Review the documentation to verify a procedure exists to change the account of last resort and root account password when users with knowledge of the password leave the group.

If a procedure does not exist to change the account of last resort and root account password when users with knowledge of the password leave the group, this is a finding.

Documentable

False

Severity Override Guidance

Review the documentation to verify a procedure exists to change the account of last resort and root account password when users with knowledge of the password leave the group.

If a procedure does not exist to change the account of last resort and root account password when users with knowledge of the password leave the group, this is a finding.

Check Content Reference

M

Target Key

5245
