From Bromium Secure Platform 4.x Security Technical Implementation Guide
Part of SRG-APP-000316
Associated with: CCI-002322
Without the ability to immediately disconnect or disable remote access, an attack or other compromise would not be immediately stopped.
Inspect the BEC user settings for a role with no privileges and a group that is tied to that role. 1. From the management console, click on the arrow next to "Settings". 2. Click on "Roles". 3. Identify and select the role that has no privileges assigned to it. 4. Inspect the "Role" settings to ensure that a group has been assigned. If the BEC is not configured to immediately disconnect or disable remote access to the information system, this is a finding.
Disable access for the user account by assigning a role with zero privileges enabled. A role that has zero privileges assigned to it must exist, along with a group that is assigned to the role. 1. From the management console, click on the arrow next to "Settings". 2. Click on "Users". 3. Select the user that has been identified for disabling. 4. Add the user to the group that is associated with the role that carries zero privileges. 5. Delete/remove all other groups for that user. 6. Click "Save".
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer