Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
HPE 3PAR SSMC Operating System Security Technical Implementation Guide
SRG-OS-000480-GPOS-00227
SRG-OS-000480-GPOS-00227
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-OS-000480-GPOS-00227
1 Rule
<GroupDescription></GroupDescription>
SSMC must be configured to offload logs to a SIEM that is configured to alert the ISSO or SA when the local built-in admin account (ssmcadmin) is accessed.
Medium Severity
<VulnDiscussion>Configuring the operating system to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DOD that reflects the most restrictive security posture consistent with operational requirements. The ssmcadmin account is an emergency group account used to administer ssmc. This is a privileged account that can Log on to the SSMC appliance. The ssmcaudit account is a nonprivileged group user account that can be enabled/disabled by ssmcadmin for CVE scanning via TUI. This is the other group account that can log on to the appliance. By alerting to the use of ssmcadmin account, the information assurance team can mitigate the risks involved in using this group account. These alerts must be used to ensure that the use of this account is warranted and documented.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>