3.1 - Roles, Applications, and Authentication - Review authentication methods | |
3.1 - Roles, Applications, and Authentication - Review custom roles | ACCESS CONTROL |
3.1 - Roles, Applications, and Authentication - RSH is disabled | CONFIGURATION MANAGEMENT |
3.1 - Roles, Applications, and Authentication - Telnet is disabled | CONFIGURATION MANAGEMENT |
3.1 - Roles, Applications, and Authentication - Use of secure applications | |
3.2 - Default Accounts - Admin user has been renamed - create new admin | ACCESS CONTROL |
3.2 - Default Accounts - Admin user has been renamed - default admin disabled or deleted | |
3.2 - Default Accounts - Review default accounts | ACCESS CONTROL |
3.3 - Certificate-Based API Access | |
3.4 - Login and Password Parameters - Account expiration time | |
3.4 - Login and Password Parameters - Account inactivity time | |
3.4 - Login and Password Parameters - Account Maximum Failed Attempts <= 5 | |
3.4 - Login and Password Parameters - Delay after failed login <= 4 seconds | |
3.4 - Login and Password Parameters - Delay between password changes <= 1 | |
3.4 - Login and Password Parameters - Hash Algorithm SHA512 | |
3.4 - Login and Password Parameters - Lockout Duration <= 1 Day | |
3.4 - Login and Password Parameters - Password Alphanumeric = true | |
3.4 - Login and Password Parameters - Password Expiration Time <=90 days | IDENTIFICATION AND AUTHENTICATION |
3.4 - Login and Password Parameters - Password expiration warning | IDENTIFICATION AND AUTHENTICATION |
3.4 - Login and Password Parameters - Password minimum digits <= 1 | |
3.4 - Login and Password Parameters - Password Minimum Length >= 8 | |
3.4 - Login and Password Parameters - Password minimum lowercase <= 1 | |
3.4 - Login and Password Parameters - Password Minimum Special Characters >= 1 | |
3.4 - Login and Password Parameters - Password minimum uppercase <= 1 | |
3.4 - Login and Password Parameters - Password Require Initial Update = true | |
3.4 - Login and Password Parameters - Passwords Disallow Reuse >= 6 | IDENTIFICATION AND AUTHENTICATION |
3.4 - Login and Password Parameters - Username Alphanumeric = false | |
3.4 - Login and Password Parameters - Username Minimum Lenth >= 3 | |
4.1 - System Administration Methods - CLI Session Timeout | |
4.1 - System Administration Methods - Login Banner | ACCESS CONTROL |
4.1 - System Administration Methods - Message of the Day | ACCESS CONTROL |
5.1 - Storage Administrative System Auditing - Log Forwarding enabled | AUDIT AND ACCOUNTABILITY |
5.1 - Storage Administrative System Auditing - Log Forwarding protocol tcp-encrypted | AUDIT AND ACCOUNTABILITY |
5.2 - Storage Administrative System Auditing - Event Notifications | AUDIT AND ACCOUNTABILITY |
6 - Storage Encryption | |
7 - Data Replication Encryption | |
8 - Managing TLS and SSL - FIPS 140-2 Enabled | SYSTEM AND COMMUNICATIONS PROTECTION |
8 - Managing TLS and SSL - SSLv3 disabled | SYSTEM AND COMMUNICATIONS PROTECTION |
8 - Managing TLS and SSL - Supported Ciphers | SYSTEM AND COMMUNICATIONS PROTECTION |
8 - Managing TLS and SSL - TLSv1 disabled | SYSTEM AND COMMUNICATIONS PROTECTION |
10 - Online Certificate Status Protocol | |
11 - Managing SSHv2 - Ciphers | |
11 - Managing SSHv2 - Key Exchange Algorithms | |
11 - Managing SSHv2 - MAC Algorithms | |
11 - Managing SSHv2 - Max Authentication Retry Count | |
12 - AutoSupport - Enabled | |
12 - AutoSupport - Remove Private Data | SYSTEM AND INFORMATION INTEGRITY |
12 - AutoSupport - Transport type | |
13 - Network Time Protocol | AUDIT AND ACCOUNTABILITY |
14 - NAS File System Local Accounts - Use NTLM Authentication with CIFS Workgroups | |