CCI-001682
Automatically removes or disables emergency accounts after an organization-defined time period for each type of account.
3 rules found Severity: Medium
1 rule found Severity: Medium
The CA API Gateway must automatically remove or disable emergency accounts, except the emergency administration account, after 72 hours.
1 rule found Severity: Medium
The storage system must be configured to have only 1 emergency account which can be accessed without LDAP, and which has full administrator capabilities.
1 rule found Severity: High
1 rule found Severity: Medium
1 rule found Severity: Low
The macOS system must automatically remove or disable temporary and emergency user accounts after 72 hours.
2 rules found Severity: Medium
2 rules found Severity: Low
The Red Hat Enterprise Linux operating system must automatically expire temporary accounts within 72 hours.
1 rule found Severity: Medium
The BIG-IP appliance must be configured to automatically remove or disable emergency accounts after 72 hours.
1 rule found Severity: Medium
The HPE 3PAR OS must be configured to have only one emergency account that can be accessed without LDAP and that has full administrator privileges.
1 rule found Severity: Medium
The AIX system must automatically remove or disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
Windows Server 2016 must automatically remove or disable emergency accounts after the crisis is resolved or within 72 hours.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
TOSS must automatically remove or disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
NixOS emergency or temporary user accounts must be provisioned with an expiration time of 72 hours or less.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Low
The macOS system must automatically remove or disable temporary or emergency user accounts within 72 hours.
2 rules found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
The information system must automatically remove or disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
IBM z/OS system administrator must develop a procedure to automatically remove or disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
The IBM z/OS system administrator (SA) must develop a process to disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
IBM z/OS system administrator (SA) must develop a procedure to remove or disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
The Mainframe Product must be configured such that emergency accounts are never automatically removed or disabled.
1 rule found Severity: Medium
Windows Server 2019 must automatically remove or disable emergency accounts after the crisis is resolved or within 72 hours.
1 rule found Severity: Medium
Windows Server 2022 must automatically remove or disable emergency accounts after the crisis is resolved or within 72 hours.
1 rule found Severity: Medium
The SUSE operating system must never automatically remove or disable emergency administrator accounts.
2 rules found Severity: Medium
2 rules found Severity: Medium
The VMM must automatically remove or disable emergency accounts after the crisis is resolved or 72 hours.
1 rule found Severity: Medium
The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.
2 rules found Severity: Low