DISA_STIG_MSSQL_2012_Instance-OS_v1r20.audit from DISA Microsoft SQL Server Instance 2012 v1r20 STIG | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | |
NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'ip access-list IPV4_EGRESS_FILTER' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'tunnel mode ipv6ip 6to4' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | ACCESS CONTROL |
NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'ipv6 traffic-filter IPV6_EGRESS_ACL in' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-MCAST-010 - No Admin-local or Site-local boundary - 'ipv6 multicast boundary scope 5' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-VLAN-024 - Restricted VLAN not assigned to non-802.1x device. | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
NET0230 - Network element is not password protected | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0340 - Login banner is non-existent or not DoD approved - 'banner login' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | ACCESS CONTROL |
NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to send-lifetime infinite - Key 1' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to send-lifetime infinite - Key 2' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0425 - An Infinite Lifetime key has not been implemented - 'Third key set to send-lifetime infinite' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0440 - More than one local account is defined. | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | ACCESS CONTROL |
NET0470 - Unauthorized accounts are configured to access device | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
NET0720 - TCP and UDP small server services are not disabled - 'service udp-small-servers' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | CONFIGURATION MANAGEMENT |
NET0724 - TCP Keep-Alives must be enabled | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0730 - The finger service is not disabled | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | CONFIGURATION MANAGEMENT |
NET0760 - Configuration auto-loading must be disabled - 'book network' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
NET0781 - Gratuitous ARP must be disabled. | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0790 - IP directed broadcast is not disabled. | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0812 - Two NTP servers are not used to synchronize time - 'ntp broadcast client' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | CONFIGURATION MANAGEMENT |
NET0890 - Network devices must only allow SNMPv3 access from addresses belonging to the management network. | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0898 - Syslog traffic is not using loopback address - 'logging on' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0898 - Syslog traffic is not using loopback address - 'logging source-interface Loopback0' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0900 - SNMP traffic does not use loopback | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0901 - Netflow traffic is not using loopback | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0903 - Loopback address is not used as the iBGP source IP | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
NET0966 - Control plan protection is not enabled - 'Step 4: Verify that the CoPP policy is enabled. (service-policy)' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | CONFIGURATION MANAGEMENT |
NET0987 - Managed network has access to OOBM gateway router - 'ip receive acl IP_RECEIVE_ACL' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0992 - The management interface does not have an ACL - 'Step 1 (Egress ACL)' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0992 - The management interface does not have an ACL - 'Step 1 (Ingress ACL)' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0994 - Management interface is assigned to a user VLAN - 'MGMT VLAN ID' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0997 - The management VLAN is not pruned from trunk links | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
NET1005 - No inbound ACL for mgmt network sub-interface - 'Sub-Interface Ingress ACL' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1007 - Management traffic is not classified and marked - 'ip access-list extended MGMT_TRAFFIC_CLASSIFICATION_ACL permit' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1007 - Management traffic is not classified and marked - 'policy-map DIST_LAYER_POLICY (set ip dscp DIST_LAYER_DSCP_VALUE)' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1021 - The network element must log all messages except debugging. - 'Logging buffered' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1021 - The network element must log all messages except debugging. - 'Logging on' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1624 - The console port does not timeout after 10 minutes | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | ACCESS CONTROL |
NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL permit VTY_AUTH_IP log)' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1638 - Management connections must be secured by FIPS 140-2 -'ip scp secure-server' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1640 - Management connections must be logged - login failure | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1645 - SSH session timeout is not 60 seconds or less | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | ACCESS CONTROL |
NET1665 - Using default SNMP community names - 'Community set to Public or Private' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET1675 - SNMP privilege and non-privileged access | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
NET1807 - Management traffic is not restricted - 'access list OOBM_VPN_ACL permit' | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1808 - Remote VPN end-point not a mirror of local gateway | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
RADIUS Authentication traffic does not use loopback | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
SNMPv2 with ACL is configured Check for ACL Configuration | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
SNMPv3 with ACL is configured Check for ACL Configuration | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |
TACACS Authentication traffic does not use loopback | DISA STIG Cisco Infrastructure Router and L3 Switch v8r28 | Cisco | |