STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AC-2 (4) — Account Management

CCI-002132

Definition

The information system notifies organization-defined personnel or roles for account enabling actions.

Parent Control

AC-2 (4)Account ManagementAccess Control

Linked STIG Checks (44)

V-255607CAT IIThe A10 Networks ADC must notify System Administrators (SAs) and Information System Security Officers (ISSMs) when accounts are created, or enabled when previously disabled.A10 Networks ADC NDM Security Technical Implementation Guide V-76477CAT IIThe Akamai Luna Portal must notify the SAs and ISSO when accounts are created, or enabled when previously disabled.Akamai KSD Service Impact Level 2 NDM Security Technical Implementation Guide V-222422CAT IIIThe application must notify system administrators (SAs) and information system security officers (ISSOs) of account enabling actions.Application Security and Development Security Technical Implementation Guide V-272632CAT IICylanceON-PREM must be configured to support integration with a third-party Security Information and Event Management (SIEM) to support notifications.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-256842CAT IICompliance Guardian must provide automated mechanisms for supporting account management functions.AvePoint Compliance Guardian Security Technical Implementation Guide V-255510CAT IIThe CA API Gateway must notify System Administrators (SAs) and Information System Security Officers (ISSMs) when accounts are created, or enabled when previously disabled.CA API Gateway NDM Security Technical Implementation Guide V-229000CAT IIThe BIG-IP appliance must be configured to generate an immediate alert for account-enabling actions.F5 BIG-IP Device Management Security Technical Implementation Guide V-230172CAT IIThe HP FlexFabric Switch must generate an immediate alert for account enabling actions.HP FlexFabric Switch NDM Security Technical Implementation Guide V-215246CAT IIAIX must provide audit record generation functionality for DoD-defined auditable events.IBM AIX 7.x Security Technical Implementation Guide V-65129CAT IIThe DataPower Gateway must generate an immediate alert for account enabling actions.IBM DataPower Network Device Management Security Technical Implementation Guide V-255754CAT IIThe MQ Appliance network device must generate account activity alerts that are forwarded to the administrators and Information System Security Officer (ISSO). Activity includes, creation, removal, modification and re-enablement after being previously disabled.IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide V-66471CAT IIThe Juniper SRX Services Gateway must generate an immediate alert message to the management console for account enabling actions.Juniper SRX SG NDM Security Technical Implementation Guide V-229025CAT IThe Juniper SRX Services Gateway must be configured to use a centralized authentication server to authenticate privileged users for remote and nonlocal access for device management.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-248740CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/shadow".Oracle Linux 8 Security Technical Implementation Guide V-248741CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/security/opasswd".Oracle Linux 8 Security Technical Implementation Guide V-248742CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/passwd".Oracle Linux 8 Security Technical Implementation Guide V-248743CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/gshadow".Oracle Linux 8 Security Technical Implementation Guide V-248744CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/group".Oracle Linux 8 Security Technical Implementation Guide V-248745CAT IIOL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers".Oracle Linux 8 Security Technical Implementation Guide V-248746CAT IIOL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers.d/".Oracle Linux 8 Security Technical Implementation Guide V-258217CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258218CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258219CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258220CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258221CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258222CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258223CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257511CAT IIOpenShift must generate audit rules to capture account related actions.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-254093CAT IInnoslate must use multifactor authentication for network access to privileged and non-privileged accounts.SPEC Innovations Innoslate 4.x Security Technical Implementation Guide V-261451CAT IISLEM 5 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217205CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-217206CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-217207CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-217208CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-241003CAT IITanium must notify the SA and ISSO of account enabling actions.Tanium 7.0 Security Technical Implementation Guide V-234063CAT IIThe Tanium application must notify SA and ISSO of account enabling actions.Tanium 7.3 Security Technical Implementation Guide V-254929CAT IITanium must notify the system administrator (SA) and information system security officer (ISSO) of account enabling actions.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-254860CAT IITanium must audit and notify system administrators (SAs) and information system security officers (ISSOs) when accounts are enabled.Tanium 7.x Operating System on TanOS Security Technical Implementation Guide V-253827CAT IITanium must notify the system administrator and information system security officer (ISSO) of account enabling actions.Tanium 7.x Security Technical Implementation Guide V-241156CAT IITrend Deep Security must notify SA and ISSO of account enabling actions.Trend Micro Deep Security 9.x Security Technical Implementation Guide V-240500CAT IIThe SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are created, or enabled when previously disabled.VMware vRealize Automation 7.x SLES Security Technical Implementation Guide V-239594CAT IIThe SLES for vRealize must notify System Administrators and Information System Security Officers when accounts are created, or enabled when previously disabled.VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide V-256337CAT IIThe vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.VMware vSphere 7.0 vCenter Security Technical Implementation Guide V-258923CAT IIThe vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.VMware vSphere 8.0 vCenter Security Technical Implementation Guide