Rule Title: RiOS must automatically create log events when accounts are modified.

STIG ID: RICX-DM-000008

Rule ID: SV-77331r1_rule Severity: CAT III

Vuln ID: V-62841 Class: Unclass

Because the accounts in the network device are privileged or system-level accounts, account management is vital to the security of the network device. Account management by a designated authority ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel with the appropriate and necessary privileges. Auditing account modification along with an automatic notification to appropriate individuals will provide the necessary reconciliation that account management procedures are being followed. If modifications to management accounts are not audited, reconciliation of account management procedures cannot be tracked.

Verify that RiOS is configured to generate log events when accounts are modified. For detailed information, see Verifying log events are generated when accounts are created.

Configure RiOS to generate log events when accounts are modified.

Rule Title: RiOS must automatically generate a log event when accounts are disabled.

STIG ID: RICX-DM-000009

Rule ID: SV-77333r1_rule Severity: CAT III

Vuln ID: V-62843 Class: Unclass

Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel. Auditing account disabling actions will support account management procedures. When device management accounts are disabled, user or service accessibility might be affected. Auditing also ensures authorized active accounts remain enabled and available for use when required.

Verify that RiOS is configured to generate log events when accounts are disabled. For detailed information, see Verifying log events are generated when accounts are created.

Configure RiOS to generate log events when accounts are disabled.