STIGQter STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

If multifactor authentication is not supported and passwords must be used, the HP FlexFabric Switch must enforce password complexity by requiring that at least one upper-case character be used.

DISA Rule

SV-80697r1_rule

Vulnerability Number

V-66207

Group Title

SRG-APP-000166-NDM-000254

Rule Version

HFFS-ND-000055

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the HP FlexFabric Switch to enforce password complexity by requiring that at least one upper-case character be used:

[HP] password-control enable
[HP] password-control composition enable
[HP] password-control composition type-number 4 type-length 1

Check Contents

Check to see that the HP FlexFabric Switch enforces password complexity by requiring that at least one upper-case character be used.

[HP] display password-control

Global password control configurations:
Password control: Enabled
Password aging: Enabled (60 days)
Password length: Enabled (15 characters)
Password composition: Enabled (4 types, 1 characters per type)

If the HP FlexFabric Switch does not require that at least one upper-case character be used in each password, this is a finding.

Vulnerability Number

V-66207

Documentable

False

Rule Version

HFFS-ND-000055

Severity Override Guidance

Check to see that the HP FlexFabric Switch enforces password complexity by requiring that at least one upper-case character be used.

[HP] display password-control

Global password control configurations:
Password control: Enabled
Password aging: Enabled (60 days)
Password length: Enabled (15 characters)
Password composition: Enabled (4 types, 1 characters per type)

If the HP FlexFabric Switch does not require that at least one upper-case character be used in each password, this is a finding.

Check Content Reference

M

Target Key

2971

Comments