STIGQter: STIG Summary: Forescout Network Device Management Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Forescout must enforce password complexity by requiring that at least one special character be used.

DISA Rule

SV-230967r615886_rule

Vulnerability Number

V-230967

Group Title

SRG-APP-000169-NDM-000257

Rule Version

FORE-NM-000410

Severity

CAT II

CCI(s)

• CCI-001619 - The information system enforces password complexity by the minimum number of special characters used.

Weight

10

Fix Recommendation

Configure Forescout to require a minimum of one special character.

1. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
2. Check the fourth "password must contain at least" option.
3. Add a 1 (or higher) in the "in the special character" configuration box.

Check Contents

1. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
2. Verify the fourth "password must contain at least" is checked.
3. Verify there is 1 (or higher) in the "in the special character" configuration box.

If the Forescout does not enforce password complexity by requiring that at least one special character be used, this is a finding.

Vulnerability Number

V-230967

Documentable

False

Rule Version

FORE-NM-000410

Severity Override Guidance

1. From the menu, select Tools >> Options >> CounterACT User Profiles >> Password and Sessions.
2. Verify the fourth "password must contain at least" is checked.
3. Verify there is 1 (or higher) in the "in the special character" configuration box.

If the Forescout does not enforce password complexity by requiring that at least one special character be used, this is a finding.

Check Content Reference

M

Target Key

5245

Comments