Jun 10, 2019 Miscellaneous- Audit deprecated.
- Metadata updated.
|
Feb 6, 2019 Miscellaneous- Metadata updated.
- References updated.
|
Dec 12, 2018 Informational Update- NET-IPV6-016 - IPv6 Filter ICMPv6 on external interface
- NET-IPV6-044 - Split Domain IPv6 interface has 6to5 tunnel
- NET-IPV6-045 - Split Domain IPv4 interface has 6to5 tunnel
- NET-IPV6-046 - Split Domain has IPv6 transition mechanism
- NET-IPV6-047 - IPv4 Interfaces in NAT-PT receive IPv6
- NET-IPV6-048 - Tunneled IPv4 in IPv6 traffic in NAT-PT
- NET-TUNL-017 - ISATAP tunnels must terminate at interior router
- NET0167 - AG must adhere to PPS boundary 13 and 14 policies
- NET0180 - Non-registered or unauthorized IP address
- NET0185 - Unauthorized addresses within SIPRNet enclave
- NET0240 - Devices exist that have standard default passwords
- NET0412 - Unique keys are not used for eBGP authentication
- NET0422 - Keys expiration exceeds 180 days.
- NET0460 - Group accounts or user accounts without passwords - 'Group Accounts'
- NET0465 - Assign lowest privilege level to user accounts
- NET0470 - Unnecessary or unauthorized accounts exist.
- NET0910 - Perimeter is not compliant with DOD Instr. 8551.1
- NET0928 - Advertising unauthorized Bogon addresses
- NET0950 - uRPF strict mode not enabled on egress interface - 'uRFP Not Enabled'
- NET0966 - Control plan protection is not enabled - 'Steps 1 - 3'
- NET0985 - IGP instances do not peer with appropriate domain
- NET0987 - Managed network has access to OOBM gateway router - 'Review OOBM_EGRESS_ACL'
- NET0993 - The management interface is not IGP passive
- NET1005 - No inbound ACL for mgmt network sub-interface - 'Sub-Interface Ingress ACL Permit/Deny'
- NET1007 - Management traffic is not classified marked
- NET1008 - Management traffic doesn't get preferred treatment
- NET1030 - Run and startup configs are not synchronized
- NET1071 - TFTP server access is not restricted
- NET1675 - SNMP privilege and non-privileged access
- NET1800 - IPSec VPN is not configured as a tunnel type VPN
- NET1808 - Remote VPN end-point not a mirror of local gateway
- NET1935 - More than one IPv6 to IPv4 tunnel defined
- NET1942 - IPv6 must be filtered on non IPv6 interfaces
- NET1970 - PAT is vulnerable to DNS cache poisoning
Miscellaneous- Metadata updated.
- References updated.
|