Xylok Security Suite must not allow local user or groups.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-269581	SRG-APP-000328	XYLK-20-000137	SV-269581r1054095_rule	2024-12-13	1

Description
Active Directory’s (AD's) design to create but not delete local groups supports operational efficiency, system integrity, and compliance needs. Manual checks will help identify user accounts that are no longer active or orphaned accounts which could pose security risks. Within Xylok there must not be a local users/groups. Manually verifying local users and groups ensures that unauthorized users do not gain access to sensitive resources. Satisfies: SRG-APP-000328, SRG-APP-000715, SRG-APP-000720, SRG-APP-000725, SRG-APP-000730, SRG-APP-000735

Description

Active Directory’s (AD's) design to create but not delete local groups supports operational efficiency, system integrity, and compliance needs. Manual checks will help identify user accounts that are no longer active or orphaned accounts which could pose security risks. Within Xylok there must not be a local users/groups. Manually verifying local users and groups ensures that unauthorized users do not gain access to sensitive resources. Satisfies: SRG-APP-000328, SRG-APP-000715, SRG-APP-000720, SRG-APP-000725, SRG-APP-000730, SRG-APP-000735

ℹ️ Check
Verify the local accounts and groups are associated with AD and that user privileges are correct. Check accounts as a logged in administrator in Xylok. 1. Verify there are no local users. Navigate to User Menu <username> >> Database Admin >> Users. If any local user(s) exist or users(s) are not current in AD, this is a finding. If any users have privileged access that do not require that access, this is a finding. 2. Verify there are no removed or local groups. Navigate to User Menu <username> >> Database Admin >> Groups . Verify the only groups exist are created by AD and are currently being used by AD. If any groups exist that are not actively being used by AD, this is a finding.

ℹ️ Check

Verify the local accounts and groups are associated with AD and that user privileges are correct. Check accounts as a logged in administrator in Xylok. 1. Verify there are no local users. Navigate to User Menu <username> >> Database Admin >> Users. If any local user(s) exist or users(s) are not current in AD, this is a finding. If any users have privileged access that do not require that access, this is a finding. 2. Verify there are no removed or local groups. Navigate to User Menu <username> >> Database Admin >> Groups . Verify the only groups exist are created by AD and are currently being used by AD. If any groups exist that are not actively being used by AD, this is a finding.

✔️ Fix
Delete unused or local groups/users. 1. As a logged in administrator in Xylok, navigate to User Menu <username> >> Database Admin >> Users. 2. Select User(s) to delete. 3. Click on down arrow in "Action". 4. Select "Delete selected users" 5. Click "Go". 6. Click "Yes, I'm sure". 7. Delete Group. 8. As a logged in administrator in Xylok, navigate to User Menu <username> >> Database Admin >> Groups. 9. Select Group(s) to delete. 10. Click on down arrow in "Action". 11. Select "Delete selected users". 12. Click "Go". 13. Click "Yes, I'm sure".

✔️ Fix

Delete unused or local groups/users. 1. As a logged in administrator in Xylok, navigate to User Menu <username> >> Database Admin >> Users. 2. Select User(s) to delete. 3. Click on down arrow in "Action". 4. Select "Delete selected users" 5. Click "Go". 6. Click "Yes, I'm sure". 7. Delete Group. 8. As a logged in administrator in Xylok, navigate to User Menu <username> >> Database Admin >> Groups. 9. Select Group(s) to delete. 10. Click on down arrow in "Action". 11. Select "Delete selected users". 12. Click "Go". 13. Click "Yes, I'm sure".