STIGQter: STIG Summary: A10 Networks ADC NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Apr 2016:

When anyone who has access to the emergency administration account no longer requires access to it or leaves the organization, the password for the emergency administration account must be changed.

DISA Rule

SV-82559r1_rule

Vulnerability Number

V-68069

Group Title

SRG-APP-000317-NDM-000282

Rule Version

AADC-NM-000085

Severity

CAT II

CCI(s)

• CCI-002142 - The information system terminates shared/group account credentials when members leave the group.

Weight

10

Fix Recommendation

When anyone who has access to the emergency administration account no longer requires access to it or leaves the organization, change the password for the emergency administration account.

Check Contents

Review the list of personnel who are authorized access to the emergency administration account and determine when someone either changed roles or left the organization. Compare this against the documented last change of the emergency administration account password.

If the emergency administration account was not changed, this is a finding.

Vulnerability Number

V-68069

Documentable

False

Rule Version

AADC-NM-000085

Severity Override Guidance

Review the list of personnel who are authorized access to the emergency administration account and determine when someone either changed roles or left the organization. Compare this against the documented last change of the emergency administration account password.

If the emergency administration account was not changed, this is a finding.

Check Content Reference

M

Target Key

2915

Comments