WN12-00-000006 - Policy must require that system administrators (SAs) be trained for the operating systems used by systems under their control.

Information

If SAs are assigned to systems running operating systems for which they have no training, these systems are at additional risk of unintentional misconfiguration that may result in vulnerabilities or decreased availability of the system.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Establish site policy that requires SAs be trained for all operating systems running on systems under their control.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R7_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-226032r794371_rule, STIG-ID|WN12-00-000006, STIG-Legacy|SV-51577, STIG-Legacy|V-36666, Vuln-ID|V-226032

Plugin: Windows

Control ID: 368b0d12092099be7f809d426c7fa7156a4b81d5a6545e072535f8f3b382f80d