The sudoers file must be configured to require authentication on every use. Use of weak or untested encryption algorithms undermines the purposes of utilizing. The FIPS administrative and cryptographic modules must be installed correctly.Ĭryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Instead, log in using accounts with administrator privileges, and then use the sudo command to. The sudoers file must be configured to authenticate users on a per-tty basis.ĭo not allow direct root login because the logs cannot identify which administrator logged in. These connections will occur over the public Internet. Remote network access is accomplished by leveraging common communication protocols and establishing a remote connection. The Security assessment policy subsystem must be enabled.Īny changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. The organization can either make a determination as to the relative security of the networking protocol. Some networking protocols may not meet security requirements to protect data and components. Findings (MAC III - Administrative Sensitive) Finding ID
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |