Check: ACF0560
zOS ACF2 STIG: ACF0560 (in versions v6 r43 through v6 r30)
Title
There are LOGONIDs defined to ACF2 that do not have the required fields completed. (Cat III impact)
Discussion
Within the LOGONID record, the user's name and UID-string fields must be completed to ensure individual user accountability.
Check Content
Refer to the following report produced by the ACF2 Data Collection:
- ACF2CMDS.RPT(LOGONIDS)

Automated Analysis
Refer to the following report produced by the ACF2 Data Collection Checklist:
- PDI(ACF0560)

Verify that the fields listed below are complete for all logonids. If the following guidance is true, this is not a finding.
- NAME - User's name
- UID-String - All fields defined in the ACFFDR @UID macro

NOTE: A completed NAME field is one that can either be traced back to a current DD2875 or a Vendor Requirement (example: a Started Task).
NOTE: A user may be required to have more than one logonid, but users must not share userids.
Fix Text
The IAO will ensure that all LOGONID records have the required attributes.

Review all LOGONID definitions to ensure required information is provided. Every user will be identified to ACF2 via a unique userid. (ACF2 calls this a logonid.) To ACF2, a user is an individual, a started task, or a batch job. Every user will be fully identified within ACF2.

Complete the following fields for every logonid:
- NAME - User's name
- UID-String - All fields defined in the ACFFDR @UID macro

All fields that comprise the standard UID string will be filled out for each user as a logonid is added.

Example:
SET LID
INSERT logonid UID(uid string) NAME(user name)
Additional Identifiers
Rule ID: SV-158r3_rule
Vulnerability ID: V-158
Group Title: ACF0560
CCIs
Number | Definition |
---|---|
CCI-000764 | The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
CCI-000804 | The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users). |