II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000023-NDM-000205
Group -
Riverbed Optimization System (RiOS) must provide automated support for account management functions.
Account management functions include: assignment of group or role membership; identifying account type; specifying user access authorizations (i.e., privileges); account removal, update, or termina...Rule Medium Severity -
SRG-APP-000317-NDM-000282
Group -
Riverbed Optimization System (RiOS) must terminate local shared/group account credentials, such as the Admin account is used, when members who know the account password leave the group.
If shared/group account credentials are not terminated when individuals leave the group, the user that left the group can still gain access even though they are no longer authorized. A shared/gro...Rule Medium Severity -
SRG-APP-000317-NDM-000282
Group -
Riverbed Optimization System (RiOS) must disable the local Shark and Monitor accounts so they cannot be used as shared accounts by users.
The Monitor and Shark accounts which are default group accounts with shared credentials. Monitor and Shark accounts are not enabled by default, but cannot be deleted since these network tools are d...Rule Medium Severity -
SRG-APP-000026-NDM-000208
Group -
Riverbed Optimization System (RiOS) must automatically generate a log event for account creation events.
Upon gaining access to a network device, an attacker will often first attempt to create a persistent method of reestablishing access. One way to accomplish this is to create a new account. Notifica...Rule Low Severity -
SRG-APP-000027-NDM-000209
Group -
Riverbed Optimization System (RiOS) must automatically log event for account modification.
Since the accounts in the network device are privileged or system-level accounts, account management is vital to the security of the network device. Account management by a designated authority ens...Rule Low Severity -
SRG-APP-000028-NDM-000210
Group -
Riverbed Optimization System (RiOS) must automatically generate a log event for account disabling actions.
Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel. Auditing account disabling actions will ...Rule Low Severity -
SRG-APP-000029-NDM-000211
Group -
Riverbed Optimization System (RiOS) must automatically generate a log event for account removal actions.
Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel. Auditing account removal actions will su...Rule Low Severity -
SRG-APP-000291-NDM-000275
Group -
Riverbed Optimization System (RiOS) must generate alerts that can be forwarded to the administrators and ISSO when local accounts are created.
An authorized insider or individual who maliciously creates a local account could gain immediate access from a remote location to privileged information on a critical security device. Sending an al...Rule Medium Severity -
SRG-APP-000292-NDM-000276
Group -
Riverbed Optimization System (RiOS) must generate alerts that can be forwarded to the administrators and ISSO when accounts are modified.
Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to simply...Rule Low Severity -
SRG-APP-000293-NDM-000277
Group -
Riverbed Optimization System (RiOS) must generate alerts that can be forwarded to the administrators and ISSO when accounts are disabled.
When application accounts are disabled, administrator accessibility is affected. Accounts are utilized for identifying individual device administrators or for identifying the device processes thems...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.