STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.

DISA Rule

SV-233087r599579_rule

Vulnerability Number

V-233087

Group Title

SRG-APP-000163

Rule Version

SRG-APP-000163-CTR-000395

Severity

CAT II

CCI(s)

• CCI-000795 - The organization manages information system identifiers by disabling the identifier after an organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Configure the container platform to disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.

Check Contents

Review the container platform configuration to determine if the container platform is configured to disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.

If identifiers are not disabled after 35 days of inactivity, this is a finding.

Vulnerability Number

V-233087

Documentable

False

Rule Version

SRG-APP-000163-CTR-000395

Severity Override Guidance

Review the container platform configuration to determine if the container platform is configured to disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity.

If identifiers are not disabled after 35 days of inactivity, this is a finding.

Check Content Reference

M

Target Key

5239

Comments