Check: IMIC-11-008510
Ivanti MobileIron Core MDM Server STIG:
IMIC-11-008510
(in version v1 r1)
Title
The Ivanti MobileIron Core server must configured to lock administrator accounts after three unsuccessful login attempts. (Cat II impact)
Discussion
By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. Satisfies:FMT_SMF.1(2)b Reference:PP-MDM-431030
Check Content
Verify the Ivanti MobileIron Core server has been configured to lock administrator accounts after three unsuccessful login attempts. Log in to the Core Admin Console >> Settings >> Security >> Password Policy. Verify "Number of Failed attempts" is set to "3". If the Ivanti MobileIron Core server does not lock administrator accounts after three unsuccessful login attempts, this is a finding.
Fix Text
Configure the Ivanti MobileIron Core server to lock administrator accounts after three unsuccessful login attempts. Log in to the Core Admin Console >> Settings >> Security >> Password Policy. Set "Number of Failed attempts" to "3".
Additional Identifiers
Rule ID: SV-251774r810435_rule
Vulnerability ID: V-251774
Group Title: SRG-APP-000345-UEM-000218
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002238 |
The information system automatically locks the account or node for either an organization-defined time period, until the locked account or node is released by an administrator, or delays the next logon prompt according to the organization-defined delay algorithm when the maximum number of unsuccessful logon attempts is exceeded. |
Controls
Number | Title |
---|---|
AC-7 |
Unsuccessful Logon Attempts |