STIGQter: STIG Summary: Network Device Management Security Requirements Guide Version: 4 Release: 1 Benchmark Date: 23 Apr 2021:

The network device must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access.

DISA Rule

SV-202132r539624_rule

Vulnerability Number

V-202132

Group Title

SRG-APP-000516

Rule Version

SRG-APP-000516-NDM-000336

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-000370 - The organization employs automated mechanisms to centrally manage configuration settings for organization-defined information system components.

Weight

10

Fix Recommendation

Step 1: Configure the network device to use an authentication server.

Step 2: Configure the authentication order to use the authentication server as primary source for authentication.

Step 3: Configure all network connections associated with a device management to use an authentication server for the purpose of login authentication.

Check Contents

Review the network device configuration to verify that the device is configured to use an authentication server as primary source for authentication.

If the network device is not configured to use an authentication server for the purpose of authenticating users prior to granting administrative access, this is a finding.

Vulnerability Number

V-202132

Documentable

False

Rule Version

SRG-APP-000516-NDM-000336

Severity Override Guidance

Review the network device configuration to verify that the device is configured to use an authentication server as primary source for authentication.

If the network device is not configured to use an authentication server for the purpose of authenticating users prior to granting administrative access, this is a finding.

Check Content Reference

M

Target Key

2890

Comments