STIGQter STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

The HP FlexFabric Switch must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

DISA Rule

SV-80645r1_rule

Vulnerability Number

V-66155

Group Title

SRG-APP-000065-NDM-000214

Rule Version

HFFS-ND-000015

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the HP FlexFabric Switch to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period:

[HP]password-control login-attempt 3 exceed lock-time 15

Check Contents

Verify that the HP FlexFabric Switch is configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

[HP] display password-control

Global password control configurations:
Maximum login attempts: 3
Action for exceeding login attempts: Lock user for 15 minutes

If the limit of three consecutive invalid logon attempts by a user during a 15-minute time period is not enforced, this is a finding.

Vulnerability Number

V-66155

Documentable

False

Rule Version

HFFS-ND-000015

Severity Override Guidance

Verify that the HP FlexFabric Switch is configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.

[HP] display password-control

Global password control configurations:
Maximum login attempts: 3
Action for exceeding login attempts: Lock user for 15 minutes

If the limit of three consecutive invalid logon attempts by a user during a 15-minute time period is not enforced, this is a finding.

Check Content Reference

M

Target Key

2971

Comments