CCI-001358
Establish privileged user accounts in accordance with a role-based access scheme; or an attribute-based access scheme.
In the event the authentication server is unavailable, there must be one local account of last resort.
1 rule found Severity: Medium
The DBN-6300 must uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).
1 rule found Severity: High
The FortiGate device must have only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
In the event the authentication server is unavailable, one local account must be created for use as the account of last resort.
1 rule found Severity: Medium
In the event the authentication server is unavailable, the MQ Appliance must provide one local account created for emergency administration use.
1 rule found Severity: Medium
Symantec ProxySG must be configured with only one local account that is used as the account of last resort.
1 rule found Severity: Medium
The network device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
5 rules found Severity: Medium
The Arista network device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
3 rules found Severity: Medium
The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
3 rules found Severity: Medium
The Cisco ISE must be configured with only one local web-based account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The F5 BIG-IP appliance must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The ICS must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Juniper EX switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
ONTAP must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Riverbed NetProfiler must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The TippingPoint SMS must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Dell OS10 Switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
Forescout must be configured with only one web account and one CLI account of last resort with limited access and used only when the authentication server is unavailable.
1 rule found Severity: Medium
AOS must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The HYCU virtual appliance must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Juniper router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium
The Palo Alto device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
1 rule found Severity: Medium