AAA Services Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
AAA Services must be configured to notify the system administrators (SAs) and information system security officer (ISSO) for account disabling actions.
When application accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual users or for identifying the application processes themselves. Sending notif...Rule Medium Severity -
SRG-APP-000294
Group -
SRG-APP-000319
Group -
SRG-APP-000320
Group -
SRG-APP-000345
Group -
AAA Services must be configured to maintain locks on user accounts until released by an administrator.
By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the a...Rule Medium Severity -
SRG-APP-000358
Group -
AAA Services must be configured to send audit records to a centralized audit server.
Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.Rule Medium Severity -
SRG-APP-000374
Group -
AAA Services must be configured to use or map to Coordinated Universal Time (UTC) to record time stamps for audit records.
If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by the application include date and time. Tim...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.