Konica Minolta bizhub PRESS C8000 User Manual page 43
Bizhub press c8000 security user guide
Hide thumbs
Also See for bizhub PRESS C8000:
- Operation quick manual (180 pages) ,
- User manual (101 pages) ,
- Safety information manual (52 pages)
Table of Contents
Advertisement
2.4
Administrator Security Functions
No.
Operation
4
Print audit log/output all to USB
5
Change/Register CE password
6
Change/Register administrator pass-
word
7
Create user by administrator
8
Change/register user password by ad-
ministrator
9
Delete user by administrator
10
Change attributes of user by adminis-
trator
11
Password authentication for user
12
Change attributes of user by user (user
password, etc.)
13
Change HDD lock password
14
(not used)
15
Access to stored job
(Printing hold/HDD store job, recalling
HDD store job to hold job, storing hold
job on HDD)
16
Delete stored job
*1
: Audit log ID will be saved as user ID when user authentication is successfully made, or when password
inconformity occurs with a registered user name.
*2
: Audit log ID will be saved as unregistered user ID when authentication failure occurs with an unregistered
user name.
The purpose of analyzing the audit log is to understand the following and implement countermeasures:
-
Whether or not data was accessed or tampered with
-
Subject of attack
-
Details of attack
-
Result of attack
For specific analysis methods, see the next page.
Specifying unauthorized actions: password authentication
If logs have NG as the result of password authentication (action: 01, 02, 11), items protected by passwords
may have been attacked.
-
Failed password authentication (NG) log entries specify who made the operation, and show if unauthor-
ized actions were made when password authentication failed.
-
Even if password authentication succeeded (OK), you may need to check whether a legitimate user cre-
ated the action. Careful check is recommended especially when successful authentication occurs after
series of failures, or for those made during times other than normal operating hours.
Specifying unauthorized actions: actions other than password authentica-
tion
Since all operation results other than password authentication are indicated as successful (OK), use ID and
action to determine if any unauthorized actions were made.
Check the time of operation, and see if the user who operated the specific subject made any unauthorized
actions.
Remedy for unauthorized operations
If you find that a password has leaked out after analyzing the audit log, change the password immediately.
bizhub PRESS C8000
Audit ID
CE ID/Administrator ID
CE ID
CE ID/Administrator ID
User ID
User ID
User ID
User ID
*1
User ID
/Unregistered
*2
user ID
User ID
Administrator ID
User ID
User ID
2
Stored ac-
Result
tion
04
OK
05
OK
06
OK
07
OK
08
OK
09
OK
10
OK
11
OK/NG
12
OK
19
OK
15
OK
16
OK
2-36
Hide quick links:
Advertisement
Table of Contents
