Navigate

Check: 3.122

windows 7 iavm: 3.122 (in version v1 r32)

Title

Administrator passwords must be changed as required. (Cat II impact)

Discussion

The longer a password is in use, the greater the opportunity for someone to gain unauthorized knowledge of the passwords. Passwords for the built-in administrator account and any emergency administrator accounts must be changed at least annually or when any member of the administrative team leaves the organization.

Check Content

Determine if the site has a policy that requires passwords for the built-in administrator account and any emergency administrator accounts to be changed at least annually or when any member of the administrative team leaves the organization. If a policy does not exist or is not enforced, this is a finding.

Fix Text

Define and enforce a policy that requires passwords for the built-in administrator account and any emergency administrator accounts to be changed at least annually or when any member of the administrative team leaves the organization.

Additional Identifiers

Rule ID:

Vulnerability ID: V-14225

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	Implement the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings