The Central Log Server must disable accounts when the accounts are no longer associated to a user.
An XCCDF Rule
Description
Disabling expired, inactive, or otherwise anomalous accounts supports the concepts of least privilege and least functionality which reduce the attack surface of the system.
- ID
- SV-263557r981756_rule
- Version
- SRG-APP-000705-AU-000110
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the Central Log Server to disable accounts when the accounts are no longer associated to a user.