STIGQter STIGQter: STIG Summary: ISEC7 Sphere Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The LockOutRealm must be configured with a login failure count of 3.

DISA Rule

SV-224783r505933_rule

Vulnerability Number

V-224783

Group Title

SRG-APP-000065

Rule Version

ISEC-06-550305

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Add failureCount parameter to the LockOutRealm configuration:

Login to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Add the following line is in the server.xml file:

<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" >

Restart the ISEC7 EMM Suite Web service in the services.msc

Check Contents

Verify the failureCount parameter is set to 3 in the LockOutRealm configuration.

Login to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Verify the failureCount parameter is set to 3 in the following file:

<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" >

If the failureCount parameter is not set to 3 in the LockOutRealm configuration, this is a finding.

Vulnerability Number

V-224783

Documentable

False

Rule Version

ISEC-06-550305

Severity Override Guidance

Verify the failureCount parameter is set to 3 in the LockOutRealm configuration.

Login to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Verify the failureCount parameter is set to 3 in the following file:

<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" >

If the failureCount parameter is not set to 3 in the LockOutRealm configuration, this is a finding.

Check Content Reference

M

Target Key

4200

Comments