STIGQter: STIG Summary: Network Device Management Security Requirements Guide Version: 4 Release: 1 Benchmark Date: 23 Apr 2021:

The network device must terminate shared/group account credentials when members leave the group.

DISA Rule

SV-202087r399646_rule

Vulnerability Number

V-202087

Group Title

SRG-APP-000317

Rule Version

SRG-APP-000317-NDM-000282

Severity

CAT II

CCI(s)

• CCI-002142 - The information system terminates shared/group account credentials when members leave the group.

Weight

10

Fix Recommendation

Configure the network device to terminate shared/group account credentials when members leave the group.

Check Contents

Determine if the network device terminates shared/group account credentials when members leave the group. This requirement may be verified by demonstration, configuration review, or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server. This requirement is not applicable if the device does not support shared/group credentials. If the network device does not terminate shared/group credentials when members leave the group, this is a finding.

Vulnerability Number

V-202087

Documentable

False

Rule Version

SRG-APP-000317-NDM-000282

Severity Override Guidance

Determine if the network device terminates shared/group account credentials when members leave the group. This requirement may be verified by demonstration, configuration review, or validated test results. This requirement may be met through use of a properly configured authentication server if the device is configured to use the authentication server. This requirement is not applicable if the device does not support shared/group credentials. If the network device does not terminate shared/group credentials when members leave the group, this is a finding.

Check Content Reference

M

Target Key

2890

Comments