Ensure 'Image Authenticity' is correct

Information

Verifies for digitally signed images that the running image is from a trusted source

Rationale:

The software image being a code can be vulnerable to many attacks such as malicious code injection in the software, the modification of the code installed in the ROM. In order to ensure that the image running is from a trusted source, the image is digitally signed and its certificate should be verified.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

* Step 1: Correct the errors on the hardware and software
* Step 2: Run the audit procedure until the system is compliant
* Step 3: Implement secure delivery of hardware and harden the software distribution server

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-7

Plugin: Cisco

Control ID: 18f98f16a9c0962ee764df9a6d8003b153381bb5516e4fbc0e7fc05ed688b71c