Interior routing protocols are not authenticated - 'EIGRP Check' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
Interior routing protocols are not authenticated - 'IS-IS Check' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
Interior routing protocols are not authenticated - 'OSPFv2 Check' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
More than one local account is defined - aaa new-model | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
More than one local account is defined aaa auth | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET-IPV6-025 - IPv6 Site Local Unicast ADDR must not be defined | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET-IPV6-033 - IPv6 routers are not configured with CEF enabled | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET-IPV6-034 - IPv6 Egress Outbound Spoofing Filter - 'deny ipv6 any any log' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-034 - IPv6 Egress Outbound Spoofing Filter - 'ipv6 verify unicast source reachable-via rx OUTBOUND_TO_BACKBONE' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'ip access-list IPV4_EGRESS_FILTER' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-001 - PIM enabled on wrong interfaces -'ip multicast-routing' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET-MCAST-002 - PIM neighbor filter is not configured - 'ip pim neighbor-filter IP_PIM_NEIGHBORS_ACL' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-NAC-009 - The switch must be configured to use 802.1x authentication on host facing access switch ports. 'aaa authentication' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET-NAC-009 - The switch must be configured to use 802.1x authentication on host facing access switch ports. 'radius-server host' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET-TUNL-034 - L2TPv3 sessions are not authenticated - encapsulation check | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-VLAN-004 - VLAN 1 is being used as a user VLAN - 'shutdown'. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET0230 - Network element is not password protected | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0340 - Network devices must display the DoD-approved logon banner warning. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Interface Check - isis authentication mode)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Key-Chain Check)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Key-Chain Check)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to accept-lifetime infinite - Key 1' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0441 - Emergency administration account privilege level is not set. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0460 - Group accounts are defined | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET0600 - Passwords are viewable when displaying the config | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0720 - TCP and UDP small server services are not disabled - 'service tcp-small-servers' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0720 - TCP and UDP small server services are not disabled - 'service udp-small-servers' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0726 - Identification support is enabled. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0730 - The finger service is not disabled | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0740 - HTTP server is not disabled | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0744 - BSDr commands are not disabled - rcp-enable | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0770 - IP Source Routing is not disabled on all routers. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0781 - Gratuitous ARP must be disabled. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0812 - Two NTP servers are not used to synchronize time - 'ntp broadcast client' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0890 - Network devices must only allow SNMPv2 access from addresses belonging to the management network. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0890 - Network devices must only allow SNMPv3 access from addresses belonging to the management network. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0890 - Network devices must restrict SNMPv3 access to the management network. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0897 - RADIUS Authentication traffic does not use loopback interface. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0898 - Syslog traffic is not using loopback address - 'logging source-interface Loopback0' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0901 - Netflow traffic is not using loopback | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0949 - Cisco Express Fowarding (CEF) not enabled on supported devices | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0987 - Managed network has access to OOBM gateway router - 'Review IP_RECEIVE_ACL' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET0989 - Management traffic leaks into the managed network - 'access-list OOBM_INGRESS_ACL permit' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0993 - The management interface is not IGP passive | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET1006 - IPSec traffic is not restricted - 'access-list IN_BAND_MGMT_VPN_ACL permit' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1007 - Management traffic is not classified and marked - 'policy-map DIST_LAYER_POLICY (set ip dscp DIST_LAYER_DSCP_VALUE)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1021 - The network element must log all messages except debugging. - 'Debugging on' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1636 - Management connections must require passwords - 'VTY port (login authentication AUTH_LIST)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET1675 - SNMP privilege and non-privileged access | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET1800 - IPSec VPN is not configured as a tunnel type VPN | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |