800-53|AC-2(1)

Title

AUTOMATED SYSTEM ACCOUNT MANAGEMENT

Description

The organization employs automated mechanisms to support the management of information system accounts.

Supplemental

The use of automated mechanisms can include, for example: using email or text messaging to automatically notify account managers when users are terminated or transferred; using the information system to monitor account usage; and using telephonic notification to report atypical system account usage.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: ACCESS CONTROL

Parent Title: ACCOUNT MANAGEMENT

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1 Ensure that Corporate Login Credentials are Used	GCP	CIS Google Cloud Platform v2.0.0 L1
1.1.1 Enable 'aaa new-model'	Cisco	CIS Cisco IOS 16 L1 v2.0.0
1.1.1 Enable 'aaa new-model'	Cisco	CIS Cisco IOS 15 L1 v4.1.1
1.1.1 Enable 'aaa new-model'	Cisco	CIS Cisco IOS 17 L1 v2.0.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
1.1.2 Enable 'aaa authentication login'	Cisco	CIS Cisco IOS 15 L1 v4.1.1
1.1.2 Enable 'aaa authentication login'	Cisco	CIS Cisco IOS 17 L1 v2.0.0
1.1.2 Enable 'aaa authentication login'	Cisco	CIS Cisco IOS 16 L1 v2.0.0
1.1.3 Enable 'aaa authentication enable default'	Cisco	CIS Cisco IOS 15 L1 v4.1.1
1.1.3 Enable 'aaa authentication enable default'	Cisco	CIS Cisco IOS 17 L1 v2.0.0
1.1.3 Enable 'aaa authentication enable default'	Cisco	CIS Cisco IOS 16 L1 v2.0.0
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
1.1.4 Set 'login authentication for 'line con 0'	Cisco	CIS Cisco IOS 15 L1 v4.1.1
1.1.4 Set 'login authentication for 'line vty'	Cisco	CIS Cisco IOS 17 L1 v2.0.0
1.1.5 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
1.1.5 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
1.1.5 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
1.1.5 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
1.1.5 Set 'login authentication for 'ip http' - http authentication	Cisco	CIS Cisco IOS 16 L1 v2.0.0
1.1.5 Set 'login authentication for 'ip http' - http authentication	Cisco	CIS Cisco IOS 17 L1 v2.0.0
1.1.5 Set 'login authentication for 'ip http' - http secure-server	Cisco	CIS Cisco IOS 17 L1 v2.0.0
1.1.5 Set 'login authentication for 'ip http' - http secure-server	Cisco	CIS Cisco IOS 16 L1 v2.0.0
1.1.5 Set 'login authentication for 'line tty'	Cisco	CIS Cisco IOS 15 L1 v4.1.1
1.1.6 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
1.1.6 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
1.1.6 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
1.1.6 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
1.1.6 Set 'login authentication for 'line vty'	Cisco	CIS Cisco IOS 15 L1 v4.1.1
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
1.1.7 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0

Detections

Analytics