AAA Services Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000177
Group -
AAA Services must be configured to map the authenticated identity to the user account for PKI-based authentication.
Without mapping the certificate used to authenticate to the user account, the ability to determine the identity of the individual user or group will not be available for forensic analysis.Rule Medium Severity -
SRG-APP-000231
Group -
SRG-APP-000234
Group -
AAA Services must be configured to prevent automatically removing emergency accounts.
Emergency accounts are administrator accounts that are established in response to crisis situations where the need for rapid account activation is required. Therefore, emergency account activation ...Rule Medium Severity -
SRG-APP-000234
Group -
SRG-APP-000291
Group -
AAA Services must be configured to notify the system administrators (SAs) and information system security officer (ISSO) when accounts are created.
Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply ...Rule Medium Severity -
SRG-APP-000292
Group -
SRG-APP-000293
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.