800-53|AC-2a.

Title

ACCOUNT MANAGEMENT

Description

Identifies and selects the following types of information system accounts to support organizational missions/business functions: [Assignment: organization-defined information system account types];

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - serialCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - sshCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - usernameCiscoDISA STIG Cisco ASA NDM v1r1
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - aaa authCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - usernameCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - username groupsCiscoDISA STIG Cisco IOS-XR Router NDM v2r2
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS Router NDM v2r4
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS XE Router NDM v2r5
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - aaa authCiscoDISA STIG Cisco IOS XE Switch NDM v2r3
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - aaa authCiscoDISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - aaa authentication login default fallbackCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - aaa authentication login default groupCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - accountCiscoDISA STIG Cisco IOS Switch NDM v2r4
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - accountCiscoDISA STIG Cisco NX-OS Switch NDM v2r3
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - accountCiscoDISA STIG Cisco IOS XE Switch NDM v2r3
FGFW-ND-000030 - The FortiGate device must have only one local account to be used as the account of last resort in the event the authentication server is unavailable.FortiGateDISA Fortigate Firewall NDM STIG v1r1
GOOG-09-004700 - The Google Android Pie must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 9.x v1r1
GOOG-09-004700 - The Google Android Pie must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 9.x v1r1
GOOG-10-004700 - Google Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 10.x v1r2
GOOG-10-004700 - Google Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 10.x v1r2
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 11 COPE v1r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 11 COBO v1r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 11 COPE v1r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 11 COBO v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 12 COPE v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 12 COPE v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 12 COBO v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 12 COBO v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMMobileIron - DISA Honeywell Android 9.x COPE v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMAirWatch - DISA Honeywell Android 9.x COPE v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMMobileIron - DISA Honeywell Android 9.x COBO v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMAirWatch - DISA Honeywell Android 9.x COBO v1r1
JUNI-ND-000490 - The Juniper router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - auth orderJuniperDISA STIG Juniper Router NDM v2r1
JUNI-ND-000490 - The Juniper router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - LAST_RESORTJuniperDISA STIG Juniper Router NDM v2r1
JUNI-ND-000490 - The Juniper router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - login classJuniperDISA STIG Juniper Router NDM v2r1
KNOX-07-006100 - The Samsung Android 7 with Knox must be configured to disable multi-user modes.MDMAirWatch - DISA Samsung Android 7 with Knox 2.x v1r1
KNOX-07-006100 - The Samsung Android 7 with Knox must be configured to disable multi-user modes.MDMMobileIron - DISA Samsung Android 7 with Knox 2.x v1r1
MOTO-09-004700 - Motorola Android Pie must be configured to disable multi-user modes.MDMMobileIron - DISA Motorola Android Pie.x COPE v1r1
SYMP-NM-000010 - Symantec ProxySG must be configured with only one local account that is used as the account of last resort.BlueCoatDISA Symantec ProxySG Benchmark NDM v1r2
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Zebra Android 10 COPE v1r1
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Zebra Android 10 COPE v1r1
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Zebra Android 10 COBO v1r1
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Zebra Android 10 COBO v1r1