STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Nutanix Acropolis GPOS Security Technical Implementation Guide

V-279548

CAT III (Low)

Nutanix OS must display the Standard Mandatory DOD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access.

Rule ID

SV-279548r1192062_rule

STIG

Nutanix Acropolis GPOS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000050CCI-000048CCI-000050

Discussion

The banner must be acknowledged by the user prior to allowing the user access to the operating system. This provides assurance that the user has seen the message and accepted the conditions for access. If the consent banner is not acknowledged by the user, DOD will not be in compliance with system use notifications required by law. To establish acceptance of the application usage policy, a click-through banner at system logon is required. The system must prevent further activity until the user executes a positive action to manifest agreement by clicking on a box indicating "OK". Satisfies: SRG-OS-000024-GPOS-00007, SRG-OS-000023-GPOS-00006, SRG-OS-000024-GPOS-00007

Check Content

Verify the banner is enabled and configured to display the Standard Mandatory DOD Notice Consent Banner upon local login.

1. For Files only, verify the value of the Enable Banner is not "true".

$ afs security.get_security_config
    Enable Aide               : true
    Enable Core               : false
    Enable High Strength P... : true
    Enable Banner             : true

2. For all OS configurations, verify the banner displays the Standard Mandatory DOD Notice Consent Banner.

$ sudo more /etc/issue

If the banner is not set to display the DOD Consent Banner, this is a finding.

Fix Text

1. For Nutanix Files only, enable the banner using the following command.

$ afs security.edit_security_config enable_banner=enable

2. For AOS, AHV, and Prism Central, configure the Standard Mandatory DOD Notice and Consent Banner using the following command.

$ ncli cluster edit-cvm-security-params enable-banner=true'

3. Enter the following banner for all OS components:

"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.

By using this IS (which includes any device attached to this IS), you consent to the following conditions:

-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.

-At any time, the USG may inspect and seize data stored on this IS.

-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.

-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.

-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."