GEN000020 – The system must require authentication upon booting into single-user and maintenance modes.

Details

If the system does not require a valid root password before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Assign a root account password for any bootable partition.

Supportive Information

The following resource is also helpful.

https://iasecontent.disa.mil/stigs/zip/U_AIX_6-1_V1R14_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-3
CAT|II
CCI|CCI-000213
Group-ID|V-756
Rule-ID|SV-27039r1_rule
STIG-ID|GEN000020
Vuln-ID|V-756

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles