STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018:

The Bromium Enterprise Controller (BEC) lockout_delay_base in the settings.json file must be set to a minimum of 10 and the lockout_delay_scale must be set to 1 at a minimum.

DISA Rule

SV-95129r1_rule

Vulnerability Number

V-80425

Group Title

SRG-APP-000065

Rule Version

BROM-00-000100

Severity

CAT II

CCI(s)

• CCI-000044 - The information system enforces the organization-defined limit of consecutive invalid logon attempts by a user during the organization-defined time period.

Weight

10

Fix Recommendation

Edit the BEC configuration file (C:\ProgramData\Bromium\BMS\settings.json) to set lockout_delay_base to "10" and the lockout_delay_scale to "1" at a minimum.

Check Contents

Navigate to C:\ProgramData\Bromium\BMS\settings.json on the BEC. Verify the value of lockout_delay_base is set to "10" and the lockout_delay_scale is set to "1" at a minimum.

If the BEC lockout_delay_base in the settings.json file is not set to a minimum of "10" and the lockout_delay_scale is not set to a minimum of "1", this is a finding.

Vulnerability Number

V-80425

Documentable

False

Rule Version

BROM-00-000100

Severity Override Guidance

Navigate to C:\ProgramData\Bromium\BMS\settings.json on the BEC. Verify the value of lockout_delay_base is set to "10" and the lockout_delay_scale is set to "1" at a minimum.

If the BEC lockout_delay_base in the settings.json file is not set to a minimum of "10" and the lockout_delay_scale is not set to a minimum of "1", this is a finding.

Check Content Reference

M

Target Key

3375

Comments