STIGQter: STIG Summary: ForeScout CounterACT NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

CounterACT must enforce password complexity by requiring that at least one numeric character be used.

DISA Rule

SV-90885r1_rule

Vulnerability Number

V-76197

Group Title

SRG-APP-000168-NDM-000256

Rule Version

CACT-NM-000032

Severity

CAT II

CCI(s)

• CCI-000194 - The information system enforces password complexity by the minimum number of numeric characters used.

Weight

10

Fix Recommendation

1. Log on to the CounterACT Administrator UI.
2. From the menu, select Tools >> Options >> User Console and Options >> Password and Login.
3. Configure the complexity requirements to require the use of at least one numeric character in each password.

Check Contents

Verify CounterACT enforces password complexity by requiring that at least one numeric character be used. This requirement may be verified by demonstration, configuration review, or validated test results.

1. Log on to the CounterACT Administrator UI.
2. From the menu, select Tools >> Options >> User Console and Options >> Password and Login.
3. Verify the complexity requirements are met.

If CounterACT does not require that at least one numeric character be used in each password, this is a finding.

Vulnerability Number

V-76197

Documentable

False

Rule Version

CACT-NM-000032

Severity Override Guidance

Verify CounterACT enforces password complexity by requiring that at least one numeric character be used. This requirement may be verified by demonstration, configuration review, or validated test results.

1. Log on to the CounterACT Administrator UI.
2. From the menu, select Tools >> Options >> User Console and Options >> Password and Login.
3. Verify the complexity requirements are met.

If CounterACT does not require that at least one numeric character be used in each password, this is a finding.

Check Content Reference

M

Target Key

3225

Comments