Title

The KVM switch must be configured to require DoD compliant passwords. (Cat I impact)

Discussion

Strong passwords are harder to guess or discover via brute force making the system more secure from malicious tampering. The ISSO will ensure the KVM switch is configured to require DoD compliant passwords.

Check Content

The reviewer will, with the assistance of the ISSO, try to change a password to a non-compliant password. If a non-compliant password can be set, this is a finding. The use of PKI authentication would make this check not a finding.

Fix Text

Reconfigure the network attached KVM switch to require DoD compliant passwords. If this is not possible, replace the KVM switch with a KVM switch that can be configured to enforce DoD compliant passwords.

Additional Identifiers

Rule ID: SV-6906r2_rule

Vulnerability ID: V-6709

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.