From IBM Hardware Management Console (HMC) STIG
Part of HMC0135
Associated with IA controls: ECLO-1, ECLO-2
Associated with: CCI-002238
The Maximum failed attempts before disable delay is not set to 3. This specifies the number of consecutive incorrect password attempts the Hardware Management Console allows as 3 times, before setting a 60-minute delay to attempt to retry the password. The improper setting of any of these fields, individually or in combination with another, can compromise the security of the processing environment. Note: The Hardware Management Console does not allow a revoke of a user ID.A 60-minute delay time setting is being substituted.
Have the System Administrator display the Disable delay in minutes. Disable Delay is found in User Profiles by selecting the user, selecting modify user and then selecting User Properties. If this is les than 60 minutes then this is a finding. Note: Hardware Management Console does not have the ability to revoke a user ID, so a 60-minute delay has been imposed instead.
The System Administrator will display the User Properties window on the Hardware Management Console for each user and verify that the disable delay is set to 60 or more. Maximum Failed Attempts and Disable Delay are found in User Profiles by selecting the user, selecting modify user and then selecting User Properties.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer