800-53|AC-2a.

Title

ACCOUNT MANAGEMENT

Description

Identifies and selects the following types of information system accounts to support organizational missions/business functions: [Assignment: organization-defined information system account types];

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIOS-15-009800 - Apple iOS/iPadOS 15 must be configured to disable multiuser modes.MDMAirWatch - DISA Apple iOS/iPadOS 14 v1r4
AIOS-15-009800 - Apple iOS/iPadOS 15 must be configured to disable multiuser modes.MDMMobileIron - DISA Apple iOS/iPadOS 14 v1r4
AIOS-16-003700 - Apple iOS/iPadOS 16 must not allow backup to remote systems (enterprise books) - enterprise books.MDMAirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-003700 - Apple iOS/iPadOS 16 must not allow backup to remote systems (enterprise books) - enterprise books.MDMMobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-009800 - Apple iOS/iPadOS 16 must be configured to disable multiuser modes.MDMAirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-009800 - Apple iOS/iPadOS 16 must be configured to disable multiuser modes.MDMMobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-703700 - Apple iOS/iPadOS 16 must not allow backup to remote systems (enterprise books) - enterprise books.MDMAirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-16-703700 - Apple iOS/iPadOS 16 must not allow backup to remote systems (enterprise books) - enterprise books.MDMMobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-17-003700 - Apple iOS/iPadOS 17 must not allow backup to remote systems (enterprise books) - enterprise books.MDMAirWatch - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-003700 - Apple iOS/iPadOS 17 must not allow backup to remote systems (enterprise books) - enterprise books.MDMMobileIron - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-009800 - Apple iPadOS 17 must be configured to disable multiuser modes.MDMMobileIron - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-009800 - Apple iPadOS 17 must be configured to disable multiuser modes.MDMAirWatch - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-703700 - Apple iOS/iPadOS 17 must not allow backup to remote systems (enterprise books) - enterprise books.MDMAirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIOS-17-703700 - Apple iOS/iPadOS 17 must not allow backup to remote systems (enterprise books) - enterprise books.MDMMobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-18-009800 - Apple iPadOS 18 must be configured to disable multiuser modes.MDMAirWatch - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-009800 - Apple iPadOS 18 must be configured to disable multiuser modes.MDMMobileIron - DISA Apple iOS/iPadOS 18 v1r1
ARST-ND-000350 - The Arista network device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.AristaDISA STIG Arista MLS EOS 4.2x NDM v2r1
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco ASA NDM v2r2
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS Router NDM v3r2
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS XE Router NDM v3r2
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS-XR Router NDM v3r2
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS XE Switch NDM v3r2
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco NX-OS Switch NDM v3r2
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS Switch NDM v3r2
FGFW-ND-000030 - The FortiGate device must have only one local account to be used as the account of last resort in the event the authentication server is unavailable.FortiGateDISA Fortigate Firewall NDM STIG v1r4
GOOG-09-004700 - The Google Android Pie must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 9.x v2r1
GOOG-09-004700 - The Google Android Pie must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 9.x v2r1
GOOG-10-004700 - Google Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 10.x v2r1
GOOG-10-004700 - Google Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 10.x v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 11 COBO v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 11 COPE v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 11 COBO v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 11 COPE v2r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 12 COBO v1r2
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 12 COPE v1r2
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 12 COBO v1r2
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 12 COPE v1r2
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 13 COBO v2r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 13 COBO v2r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 13 COPE v2r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 13 COPE v2r1
GOOG-14-009000 - Google Android 14 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 14 COPE v2r1
GOOG-14-009000 - Google Android 14 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 14 COBO v2r1
GOOG-14-009000 - Google Android 14 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 14 COPE v2r1
GOOG-14-009000 - Google Android 14 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 14 COBO v2r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMAirWatch - DISA Honeywell Android 9.x COPE v1r2
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMAirWatch - DISA Honeywell Android 9.x COBO v1r2
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMMobileIron - DISA Honeywell Android 9.x COPE v1r2
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMMobileIron - DISA Honeywell Android 9.x COBO v1r2
JUEX-NM-000240 - The Juniper EX switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.JuniperDISA Juniper EX Series Network Device Management v2r2