800-53|AC-2a.

Title

ACCOUNT MANAGEMENT

Description

Identifies and selects the following types of information system accounts to support organizational missions/business functions: [Assignment: organization-defined information system account types];

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
ARST-ND-000350 - The Arista network device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.AristaDISA STIG Arista MLS EOS 4.2x NDM v1r1
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - serialCiscoDISA STIG Cisco ASA NDM v1r6
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - sshCiscoDISA STIG Cisco ASA NDM v1r6
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable - usernameCiscoDISA STIG Cisco ASA NDM v1r6
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS Router NDM v2r8
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS XE Router NDM v2r9
CISC-ND-000490 - The Cisco router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS-XR Router NDM v2r5
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS XE Switch NDM v2r9
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco IOS Switch NDM v2r9
CISC-ND-000490 - The Cisco switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.CiscoDISA STIG Cisco NX-OS Switch NDM v2r8
FGFW-ND-000030 - The FortiGate device must have only one local account to be used as the account of last resort in the event the authentication server is unavailable.FortiGateDISA Fortigate Firewall NDM STIG v1r4
GOOG-09-004700 - The Google Android Pie must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 9.x v2r1
GOOG-09-004700 - The Google Android Pie must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 9.x v2r1
GOOG-10-004700 - Google Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 10.x v2r1
GOOG-10-004700 - Google Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 10.x v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 11 COBO v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 11 COBO v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Google Android 11 COPE v2r1
GOOG-11-004700 - Google Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Google Android 11 COPE v2r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 12 COPE v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 12 COPE v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 12 COBO v1r1
GOOG-12-009000 - Google Android 12 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 12 COBO v1r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 13 COBO v1r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 13 COPE v1r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMMobileIron - DISA Google Android 13 COPE v1r1
GOOG-13-009000 - Google Android 13 must be configured to disable multiuser modes.MDMAirWatch - DISA Google Android 13 COBO v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMMobileIron - DISA Honeywell Android 9.x COPE v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMAirWatch - DISA Honeywell Android 9.x COPE v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMAirWatch - DISA Honeywell Android 9.x COBO v1r1
HONW-09-004700 - The Honeywell Mobility Edge Android Pie device must be configured to disable multi-user modes.MDMMobileIron - DISA Honeywell Android 9.x COBO v1r1
JUEX-NM-000240 - The Juniper EX switch must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.JuniperDISA Juniper EX Series Network Device Management v1r5
JUNI-ND-000490 - The Juniper router must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailableJuniperDISA STIG Juniper Router NDM v2r3
KNOX-07-006100 - The Samsung Android 7 with Knox must be configured to disable multi-user modes.MDMMobileIron - DISA Samsung Android 7 with Knox 2.x v1r1
KNOX-07-006100 - The Samsung Android 7 with Knox must be configured to disable multi-user modes.MDMAirWatch - DISA Samsung Android 7 with Knox 2.x v1r1
MSFT-11-004700 - Microsoft Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Microsoft Android 11 COPE v1r1
MSFT-11-004700 - Microsoft Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Microsoft Android 11 COBO v1r1
MSFT-11-004700 - Microsoft Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Microsoft Android 11 COPE v1r1
MSFT-11-004700 - Microsoft Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Microsoft Android 11 COBO v1r1
SYMP-NM-000010 - Symantec ProxySG must be configured with only one local account that is used as the account of last resort.BlueCoatDISA Symantec ProxySG Benchmark NDM v1r2
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Zebra Android 10 COPE v1r2
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Zebra Android 10 COPE v1r2
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMMobileIron - DISA Zebra Android 10 COBO v1r2
ZEBR-10-004700 - Zebra Android 10 must be configured to disable multi-user modes.MDMAirWatch - DISA Zebra Android 10 COBO v1r2
ZEBR-11-004700 - Zebra Android 11 must be configured to disable multi-user modes.MDMMobileIron - DISA Zebra Android 11 COBO v1r3
ZEBR-11-004700 - Zebra Android 11 must be configured to disable multi-user modes.MDMAirWatch - DISA Zebra Android 11 COBO v1r3