Details

The emergency administration account must be set to an appropriate authorization level to perform necessary administrative functions when the authentication server is not online.

The emergency administration account is to be configured as a local account on the network devices. It is to be used only when the authentication server is offline or not reachable via the network. The emergency account must be set to an appropriate authorization level to perform necessary administrative functions during this time.

NOTE: Change ‘EMERGENCY_ACCT’ to the username of the emergency account configured for your organization. The credentials for this account must be stored ina locked safe.

Solution

Assign a privilege level to the emergency administration account to allow the administrator to perform necessary administrative functions when the authentication server is not online.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_Network_L2_Switch_V8R27_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco.

References

• 800-53|IA-2.
• 800-53|IA-5(1)
• CAT|I
• Rule-ID|SV-16261r5_rule
• STIG-ID|NET0441
• Vuln-ID|V-15434

Source

• Tenable.com/audits