AAA Services must be configured to disable accounts when the accounts are in violation of organizational policy.
An XCCDF Rule
Description
Disabling expired, inactive, or otherwise anomalous accounts supports the concepts of least privilege and least functionality, which reduce the attack surface of the system.
- ID
- SV-263529r982385_rule
- Version
- SRG-APP-000710-AAA-000120
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure AAA Services to disable accounts when the accounts are in violation of organizational policy.