STIGQter: STIG Summary: Bromium Secure Platform 4.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 May 2018

The Bromium Enterprise Controller (BEC) must change the password for the Account of Last Resort when an individual with knowledge of the password leaves the group.

DISA Rule

SV-95147r1_rule

Vulnerability Number

V-80443

Group Title

SRG-APP-000317

Rule Version

BROM-00-000690

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Modify the password for the Account of Last Resort.

1. Using the management console, navigate to "Settings".
2. Select "Users".
3. Click on the local account name representing the Account of Last Resort.
4. In the "Edit User" section, enter and confirm the new password.
5. Click "Save Settings".

If the Account of Last Resort has been removed after installation and configuration per vendor-recommended best practice (BROM-00-000300), either create a new account and password or change the password.

Check Contents

If the Account of Last Resort has been removed after installation and configuration per vendor-recommended best practice (BROM-00-000300), this is not a finding.

Examine the site's documentation. Verify there is a documented procedure for changing the password for the Account of Last Resort when an individual with knowledge of the password leaves the group. An acceptable practice is to either create a new account and password each time or change the password.

If a procedure for changing the password for the Account of Last Resort when an individual with knowledge of the password leaves the group is not documented or implemented, this is a finding.

Documentable

False

Severity Override Guidance

If the Account of Last Resort has been removed after installation and configuration per vendor-recommended best practice (BROM-00-000300), this is not a finding.

Examine the site's documentation. Verify there is a documented procedure for changing the password for the Account of Last Resort when an individual with knowledge of the password leaves the group. An acceptable practice is to either create a new account and password each time or change the password.

If a procedure for changing the password for the Account of Last Resort when an individual with knowledge of the password leaves the group is not documented or implemented, this is a finding.

Check Content Reference

M

Target Key

3375
