STIGQter STIGQter: STIG Summary: Trend Micro Deep Security 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 26 Feb 2016:

Trend Deep Security must enforce password complexity by requiring that at least one lower-case character be used.

DISA Rule

SV-80537r1_rule

Vulnerability Number

V-66047

Group Title

SRG-APP-000167

Rule Version

TMDS-00-000150

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Trend Deep Security server to enforce password complexity by requiring that at least one lower-case character be used.

Enable the checkbox for the "User password requires both upper-and lower-case characters" policy value for password complexity under the Administration >> System Settings >> Security tab.

Check Contents

Review the Trend Deep Security server configuration to ensure password complexity is enforced by requiring that at least one lower-case character be used.

Verify the values for password complexity.

If the "User password requires both upper-and lower-case characters" value for password complexity under the Administration >> System Settings >> Security tab has not been set, this is a finding.

Vulnerability Number

V-66047

Documentable

False

Rule Version

TMDS-00-000150

Severity Override Guidance

Review the Trend Deep Security server configuration to ensure password complexity is enforced by requiring that at least one lower-case character be used.

Verify the values for password complexity.

If the "User password requires both upper-and lower-case characters" value for password complexity under the Administration >> System Settings >> Security tab has not been set, this is a finding.

Check Content Reference

M

Target Key

2955

Comments