STIGQter: STIG Summary: DBN-6300 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

The DBN-6300 must automatically terminate a network administrator session after organization-defined conditions or trigger events requiring session disconnect.

DISA Rule

SV-91677r1_rule

Vulnerability Number

V-76981

Group Title

SRG-APP-000295-NDM-000279

Rule Version

DBNW-DM-000083

Severity

CAT II

CCI(s)

• CCI-002361 - The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.

Weight

10

Fix Recommendation

Configure administrator accounts with a timeout setting.

Navigate to Settings >> Users.

Click on the wrench for an existing user.

In the "Edit User" popup box, enter a timeout value of "600".

Check Contents

Verify administrator accounts are configured with a 10 minute timeout setting.

Navigate to Settings >> Users.

Click on the wrench for an existing user.

View each user defined on the device since there is no setting for a global value.

If a timeout value of "600" is not set for each administrator account configured on the device, this is a finding.

Vulnerability Number

V-76981

Documentable

False

Rule Version

DBNW-DM-000083

Severity Override Guidance

Verify administrator accounts are configured with a 10 minute timeout setting.

Navigate to Settings >> Users.

Click on the wrench for an existing user.

View each user defined on the device since there is no setting for a global value.

If a timeout value of "600" is not set for each administrator account configured on the device, this is a finding.

Check Content Reference

M

Target Key

2947

Comments