STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 4 Release: 9 Benchmark Date: 25 Jan 2019: The application must have a process, feature or function that prevents removal or disabling of emergency accounts.

DISA Rule

SV-84795r1_rule

Vulnerability Number

V-70173

Group Title

ASDV-PL-000310

Rule Version

APSC-DV-000310

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Identify accounts that are created in an emergency situation and ensure procedures or processes are in place to prevent disabling or deleting the account while the emergency is underway.

Check Contents

Review the application documentation and interview the application administrator. Identify if emergency accounts are ever used.

If emergency accounts are not used, this requirement is not applicable.

If emergency accounts are used, validate a procedure, process, feature or function exists that will prevent the emergency account from being deleted or disabled during a crisis situation.

Examples include but are not limited to adding a flag to the account to ensure it is not deleted during a specified emergency period or placing the account in a designated group that is monitored and controlled in accordance with the crisis.

If a process, procedure, function or feature designed to prevent emergency accounts from being deleted or disabled during a crisis situation is not available, this is a finding.

Vulnerability Number

V-70173

Documentable

False

Rule Version

APSC-DV-000310

Severity Override Guidance

Review the application documentation and interview the application administrator. Identify if emergency accounts are ever used.

If emergency accounts are not used, this requirement is not applicable.

If emergency accounts are used, validate a procedure, process, feature or function exists that will prevent the emergency account from being deleted or disabled during a crisis situation.

Examples include but are not limited to adding a flag to the account to ensure it is not deleted during a specified emergency period or placing the account in a designated group that is monitored and controlled in accordance with the crisis.

If a process, procedure, function or feature designed to prevent emergency accounts from being deleted or disabled during a crisis situation is not available, this is a finding.

Check Content Reference

M

Target Key

3009

Comments