Detections
Analytics
OS10-NDM-000760 - The Dell OS10 Switch must prohibit the use of cached authenticators after an organization-defined time period.
Information
Some authentication implementations can be configured to use cached authenticators.If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
The organization-defined time period should be established for each device depending on the nature of the device; for example, a device with just a few administrators in a facility with spotty network connectivity may merit a longer caching time period than a device with many administrators.
Solution
Configure the OS10 Switch to prohibit the use of cached authenticators after an organization-defined time period:OS10(config)# rest authentication token validity {minutes}
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Dell_OS10_Switch_Y24M12_STIG.zip
Item Details
Audit Name: DISA Dell OS10 Switch NDM STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(13), CAT|II, CCI|CCI-002007, Rule-ID|SV-269795r1052420_rule, STIG-ID|OS10-NDM-000760, Vuln-ID|V-269795
Plugin: Dell_OS10
Control ID: 6180f0b1e9beb6ed42f09c177c9c01f42e5160f44d0fb41f129d4c521180027b