Detections
Analytics
CIS Cisco NX-OS L2 v1.1.0
Audit Details
Name: CIS Cisco NX-OS L2 v1.1.0
Updated: 7/10/2024
Authority: CIS
Plugin: Cisco
Revision: 1.0
Estimated Item Count: 24
File Details
Filename: CIS_Cisco_NX-OS-v1.1.0_Level_2.audit
Size: 128 kB
Audit Items
| Description | Categories |
|---|---|
| 1.4.2 Configure Password Encryption | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.5.3 Configure SNMPv3 | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.5.4 Configure SNMP Traps | CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.5 Configure SNMP Source Interface for Traps | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.5.6 Do not Configure a Read Write SNMP Community String | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.6.1 Ensure Syslog Logging is configured | AUDIT AND ACCOUNTABILITY |
| 1.6.2 Log all Successful and Failed Administrative Logins | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.6.3 Configure Netflow on Strategic Ports | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 1.7.4 Configure NTP Authentication | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.8.1 Disable Power on Auto Provisioning (POAP) | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.2 Disable iPXE (Pre-boot eXecution Environment) | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.8.3 Set SSH Key Modulus Length | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.9 Use Dedicated 'mgmt' Interface and VRF for Administrative Functions | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.1.1.1 Configure EIGRP Authentication on all EIGRP Routing Devices | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.1.2.2 If Possible, Limit the BGP Routes Accepted from Peers | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.2.3 Configure BGP Authentication | ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.3.2 Authenticate OSPF peers with MD5 authentication keys | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.4.2 Create and use a single Loopback Address for Routing Protocol Peering | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.1.4.3 Use Unicast Routing Protocols Only | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.2 Configure Storm Control | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, INCIDENT RESPONSE, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Configure CDP | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1 Basic Fiber Channel Configuration | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.5.2 Configure FCoE Zoning | ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Configure Alerts on all Configuration Changes | CONFIGURATION MANAGEMENT |