From Remote Access Server STIG
Part of Communications devices are not password protected.
Associated with IA controls: ECSC-1, IAIA-2, IAIA-1
The lack of a password protection for communications devices provides anyone access to the device, which opens a backdoor opportunity for intruders to attack and manipulate or compromise network resources. Vendors and programmers often leave methods of gaining access to a device that is outside the normal means of access. These backdoors or hidden userids are well known and are extremely dangerous if left active.
Interview the network administrator and attempt to logon to several devices.
Ensure all communication devices are in compliance with password policy.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer