STIGQter: STIG Summary: Network Device Management Security Requirements Guide Version: 4 Release: 1 Benchmark Date: 23 Apr 2021:

The network device must enforce access restrictions associated with changes to the system components.

DISA Rule

SV-202131r401224_rule

Vulnerability Number

V-202131

Group Title

SRG-APP-000516

Rule Version

SRG-APP-000516-NDM-000335

Severity

CAT II

CCI(s)

• CCI-000345 - The organization enforces logical access restrictions associated with changes to the information system.
• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the network device to enforce access restrictions associated with changes to the system components.

Check Contents

Check the network device to determine if only authorized administrators have permissions for changes, deletions and updates on the network device. Inspect the maintenance log to verify changes are being made only by the system administrators.

If unauthorized users are allowed to change the hardware or software, this is a finding.

Vulnerability Number

V-202131

Documentable

False

Rule Version

SRG-APP-000516-NDM-000335

Severity Override Guidance

Check the network device to determine if only authorized administrators have permissions for changes, deletions and updates on the network device. Inspect the maintenance log to verify changes are being made only by the system administrators.

If unauthorized users are allowed to change the hardware or software, this is a finding.

Check Content Reference

M

Target Key

2890

Comments