STIGQter: STIG Summary: Jamf Pro v10.x EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 03 Feb 2020:

The Jamf Pro EMM local accounts must prohibit password reuse for a minimum of five generations.

DISA Rule

SV-108727r1_rule

Vulnerability Number

V-99623

Group Title

PP-MDM-991000

Rule Version

JAMF-10-100780

Severity

CAT II

CCI(s)

• CCI-000200 - The information system prohibits password reuse for the organization-defined number of generations.

Weight

10

Fix Recommendation

Note: This requirement is NA if Option #1 is selected in requirement JAMF-10-000685.

To configure the "Password History" of the local accounts password to a minimum of "5" generations, do the following:

1. Open the Jamf Pro EMM console.
2. Click "Settings".
3. Click "System Settings".
4. Click "Jamf Pro System User Accounts & Groups".
5. Click "Password Policy".
6. Set the "Password History" to "5" or more.

Check Contents

To verify the local accounts "Password History" is set to a minimum of "5" generations, do the following:

1. Open the Jamf Pro EMM console.
2. Click "Settings".
3. Click "System Settings".
4. Click "Jamf Pro System User Accounts & Groups".
5. Click "Password Policy".
6. Verify "Password History" to "5" or more.

If "Password History" is not set to "5" or more, this is a finding.

Vulnerability Number

V-99623

Documentable

False

Rule Version

JAMF-10-100780

Severity Override Guidance

To verify the local accounts "Password History" is set to a minimum of "5" generations, do the following:

1. Open the Jamf Pro EMM console.
2. Click "Settings".
3. Click "System Settings".
4. Click "Jamf Pro System User Accounts & Groups".
5. Click "Password Policy".
6. Verify "Password History" to "5" or more.

If "Password History" is not set to "5" or more, this is a finding.

Check Content Reference

M

Target Key

3593

Comments