STIGQter: STIG Summary: ForeScout CounterACT NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

CounterACT must enforce password complexity by requiring that at least one special character be used.

DISA Rule

SV-90923r1_rule

Vulnerability Number

V-76235

Group Title

SRG-APP-000169-NDM-000257

Rule Version

CACT-NM-000033

Severity

CAT II

CCI(s)

• CCI-001619 - The information system enforces password complexity by the minimum number of special characters used.

Weight

10

Fix Recommendation

1. Log on to the CounterACT Administrator UI.
2. From the menu, select Tools >> Options >> User Console and Options >> Password and Login.
3. Configure the complexity requirement for use of at least one special character.

Check Contents

Verify CounterACT enforces password complexity by requiring that at least one special character be used. This requirement may be verified by demonstration, configuration review, or validated test results.

1. Log on to the CounterACT Administrator UI.
2. From the menu, select Tools >> Options >> User Console and Options >> Password and Login.
3. Verify the complexity requirement for use of at least one special character is met.

If CounterACT does not require that at least one special character be used in each password, this is a finding.

Vulnerability Number

V-76235

Documentable

False

Rule Version

CACT-NM-000033

Severity Override Guidance

Verify CounterACT enforces password complexity by requiring that at least one special character be used. This requirement may be verified by demonstration, configuration review, or validated test results.

1. Log on to the CounterACT Administrator UI.
2. From the menu, select Tools >> Options >> User Console and Options >> Password and Login.
3. Verify the complexity requirement for use of at least one special character is met.

If CounterACT does not require that at least one special character be used in each password, this is a finding.

Check Content Reference

M

Target Key

3225

Comments