STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Nutanix Acropolis GPOS Security Technical Implementation Guide

V-279581

CAT II (Medium)

Nutanix OS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.

Rule ID

SV-279581r1192447_rule

STIG

Nutanix Acropolis GPOS Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000044

Discussion

Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

Check Content

Verify Nutanix OS enforces a delay of at least four seconds between console logon prompts following a failed logon attempt using the following command.

$ sudo grep -i fail_delay /etc/login.defs
FAIL_DELAY 4

If the value of "FAIL_DELAY" is not set to "4" or greater, or the line is commented out, this is a finding.

Fix Text

Configure the use of complex passwords for Nutanix OS VMs.

1. For AOS, configure the use of complex passwords using the following command.

$ sudo salt-call state.sls security/CVM/pamCVM.sls

2. For Prism Central, configure the use of complex passwords using the following command.

$ sudo salt-call state.sls security/PCVM/pamPCVM.sls

3. For Files, configure the use of complex passwords using the following command.

$ sudo salt-call state.sls security/AFS/pamAFS.sls

4. For Prism Central, configure the use of complex passwords using the following command.

$ ncli cluster edit-hypervisor-security-params enable-high-strength-password=true