STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must disable the Request Customer Verification setting.

DISA Rule

SV-230960r615886_rule

Vulnerability Number

V-230960

Group Title

SRG-APP-000142-NDM-000245

Rule Version

FORE-NM-000340

Severity

CAT III

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

In the Password and Sessions login options, disable the "request customer verification" option.

1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
3. Ensure the option for "request customer verification" is unchecked.

Check Contents

In the Password and Sessions login options, ensure "request customer verification" is not enabled.

1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
3. Ensure the option for "request customer verification" is unchecked.

If the Request Customer Verification setting is enabled, this is a finding.

Vulnerability Number

V-230960

Documentable

False

Rule Version

FORE-NM-000340

Severity Override Guidance

In the Password and Sessions login options, ensure "request customer verification" is not enabled.

1. Log on to the Forescout Administrator UI.
2. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
3. Ensure the option for "request customer verification" is unchecked.

If the Request Customer Verification setting is enabled, this is a finding.

Check Content Reference

M

Target Key

5245

Comments