WN16-00-000210 – Outdated or unused accounts must be removed from the system or disabled.

Details

Outdated or unused accounts provide penetration points that may go undetected. Inactive accounts must be deleted if no longer necessary or, if still required, disabled until needed.

Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000118-GPOS-00060

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Regularly review accounts to determine if they are still active. Remove or disable accounts that have not been used in the last 35 days.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Windows.

References

800-53|IA-2
800-53|IA-4e.
CAT|II
CCI|CCI-000764
CCI|CCI-000795
CSCv6|16.1
CSCv6|16.6
Rule-ID|SV-224837r569186_rule
STIG-ID|WN16-00-000210
STIG-Legacy|SV-87911
STIG-Legacy|V-73259
Vuln-ID|V-224837

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles