Title: The DBMS must notify the user of the number of unsuccessful login attempts occurring during an organization defined time period.
Vulnerability ID: V-32345
IA Controls: None
Description: Users need to be aware of activity that occurs regarding their application account. Providing users with information regarding the number of successful attempts made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators.
This requirement is intended to cover both traditional logons to information systems and general accesses to information systems occurring in other types of architectural configurations (e.g., service oriented architectures).
Unauthorized access to DBMS accounts may go undetected if account access is not monitored. Authorized users may serve as a reliable party to report unauthorized use of their account.
Check Text: This requirement applies to interactive accounts only.
Test access reports upon login to DBMS user accounts. On some systems this information may be displayed at the OS login level. If the system displays this information at the OS level, this is not a finding.
If the number of unsuccessful attempts for an organization defined time period is not reported, this is a finding.
Fix Text: Implement an automated method to display, at interactive logon, the number of unsuccessful login attempts for an organization defined time period for users that access the database interactively.