All SAN management consoles and ports are not password protected.
An XCCDF Rule
Description
Without password protection malicious users can create a denial of service by disrupting the SAN or allow the compromise of sensitive date by reconfiguring the SAN topography. The IAO/NSO will ensure that all SAN management consoles and ports are password protected.
| Property | Value |
|---|---|
| Responsibility | Information Assurance Officer |
- ID
- SV-6791r1_rule
- Version
- SAN04.017.00
- Severity
- High
- Updated
Remediation Templates
A Manual Procedure
Develop a plan for implementing password protection on the SAN’s management consoles and ports. Obtain CM approval of the plan and execute the plan.