NET0465 - Authorized accounts must be assigned the least privilege level necessary to perform assigned duties.

Information

By not restricting authorized accounts to their proper privilege level, access to restricted functions may be allowed before authorized personell are trained or experienced enough to use those functions. Network disruptions or outages may occur due to mistakes made by inexperienced persons using accounts with greater privileges than necessary.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure authorized accounts with the least privilege rule. Each user will have access to only the privileges they require to perform their assigned duties.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Network_Perimeter_Router_L3_Switch_V8R32_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-3057r6_rule, STIG-ID|NET0465, Vuln-ID|V-3057

Plugin: Cisco

Control ID: 1eae43d38a7d6a2d630a25985542e28c601fbcc2acbf57bede51d83ba25d6640