STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to HPE Aruba Networking AOS NDM Security Technical Implementation Guide

V-266908

CAT II (Medium)

AOS must automatically audit account creation.

Rule ID

SV-266908r1039745_rule

STIG

HPE Aruba Networking AOS NDM Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000018, CCI-001403, CCI-001404, CCI-001405, CCI-000172, CCI-002130, CCI-001814

Discussion

Upon gaining access to a network device, an attacker will often first attempt to create a persistent method of reestablishing access. One way to accomplish this is to create a new account. Notification of account creation helps to mitigate this risk. Auditing account creation provides the necessary reconciliation that account management procedures are being followed. Without this audit trail, personnel without the proper authorization may gain access to critical network nodes. Satisfies: SRG-APP-000026-NDM-000208, SRG-APP-000027-NDM-000209, SRG-APP-000028-NDM-000210, SRG-APP-000029-NDM-000211, SRG-APP-000091-NDM-000223, SRG-APP-000319-NDM-000283, SRG-APP-000381-NDM-000305, SRG-APP-000495-NDM-000318, SRG-APP-000503-NDM-000320, SRG-APP-000505-NDM-000322

Check Content

Verify the AOS configuration with the following command: 
show logging level 
 
If the security logging level is not set to debug, this is a finding.

Fix Text

Configure AOS with the following commands: 
configure terminal 
logging security level debug 
write memory