STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must enforce password complexity by requiring that at least one lower-case character be used.

DISA Rule

SV-230964r615886_rule

Vulnerability Number

V-230964

Group Title

SRG-APP-000167-NDM-000255

Rule Version

FORE-NM-000380

Severity

CAT II

CCI(s)

• CCI-000193 - The information system enforces password complexity by the minimum number of lower case characters used.

Weight

10

Fix Recommendation

Configure Forescout to require a minimum of one lower-case character.

1. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
2. Check the second "password must contain at least" option.
3. Add a 1 (or higher) in the "lower case alphabetic characters" configuration box.

Check Contents

1. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
2. Verify the second "password must contain at least" is checked.
3. Verify there is a minimum of one in the "lower case alphabetic characters" configuration box.

If the Forescout does not enforce password complexity by requiring that at least one lower-case character be used, this is a finding.

Vulnerability Number

V-230964

Documentable

False

Rule Version

FORE-NM-000380

Severity Override Guidance

1. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
2. Verify the second "password must contain at least" is checked.
3. Verify there is a minimum of one in the "lower case alphabetic characters" configuration box.

If the Forescout does not enforce password complexity by requiring that at least one lower-case character be used, this is a finding.

Check Content Reference

M

Target Key

5245

Comments