Check: SRG-OS-000076-VMM-000430
Virtual Machine Manager SRG:
SRG-OS-000076-VMM-000430
(in versions v2 r2 through v1 r3)
Title
The VMM must enforce a 60-day maximum password lifetime restriction. (Cat II impact)
Discussion
Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. If the VMM does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the VMM passwords could be compromised.
Check Content
Verify the VMM enforces a 60-day maximum password lifetime restriction. If it does not, this is a finding.
Fix Text
Configure the VMM to enforce a 60-day maximum password lifetime restriction.
Additional Identifiers
Rule ID: SV-207379r1038967_rule
Vulnerability ID: V-207379
Group Title: SRG-OS-000076
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-004066 |
For password-based authentication, enforce organization-defined composition and complexity rules. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |