STIGQter: STIG Summary: Network Device Management Security Requirements Guide Version: 4 Release: 1 Benchmark Date: 23 Apr 2021:

The network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.

DISA Rule

SV-202140r395442_rule

Vulnerability Number

V-202140

Group Title

SRG-APP-000001

Rule Version

SRG-APP-000001-NDM-000200

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Configure the network device to limit the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types.

Check Contents

Review the network device configuration to see if the device limits the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types.

If the network device does not limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type, this is a finding.

Vulnerability Number

V-202140

Documentable

False

Rule Version

SRG-APP-000001-NDM-000200

Severity Override Guidance

Review the network device configuration to see if the device limits the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types.

If the network device does not limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type, this is a finding.

Check Content Reference

M

Target Key

2890

Comments