Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.10.30.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT

aaa authDISA STIG Cisco IOS XE Switch NDM v3r2Cisco
access-class denyDISA STIG Cisco IOS XE Switch NDM v3r2Cisco
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS auth modeDISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS md5 keyDISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AMLS-L3-000250 - Check for ipv6 router OSPFDISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista
AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ipv6 OSPF checksDISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

IDENTIFICATION AND AUTHENTICATION

AMLS-L3-000250 - The Arista Multilayer Switch must encrypt all methods of configured authentication for the OSPF routing protocol - ospf message-digestDISA STIG Arista MLS DCS-7000 Series RTR v1r4Arista

IDENTIFICATION AND AUTHENTICATION

Check for bpduguard default globallyDISA STIG Cisco NX-OS Switch L2S v3r2Cisco
Check for limited vtyDISA STIG Cisco IOS XE Switch NDM v3r2Cisco
Check snmp-server v3DISA STIG Cisco IOS XE Switch NDM v3r2Cisco
CISC-L2-000030 - The Cisco switch must authenticate all VLAN Trunk Protocol (VTP) messages with a hash function using the most secured cryptographic algorithm available.DISA STIG Cisco NX-OS Switch L2S v3r2Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-L2-000100 - The Cisco switch must have BPDU Guard enabled on all user-facing or untrusted access switch ports.DISA STIG Cisco NX-OS Switch L2S v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-L2-000140 - The Cisco switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports.DISA STIG Cisco NX-OS Switch L2S v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-L2-000160 - The Cisco switch must have Storm Control configured on all host-facing switchports.DISA STIG Cisco IOS XE Switch L2S v3r1Cisco

CONFIGURATION MANAGEMENT

CISC-L2-000190 - The Cisco switch must enable Unidirectional Link Detection (UDLD) to protect against one-way connections.DISA STIG Cisco NX-OS Switch L2S v3r2Cisco

CONFIGURATION MANAGEMENT

CISC-L2-000200 - The Cisco switch must have all trunk links enabled statically.DISA STIG Cisco IOS XE Switch L2S v3r1Cisco

CONFIGURATION MANAGEMENT

CISC-L2-000230 - The Cisco switch must have the default VLAN pruned from all trunk ports that do not require it.DISA STIG Cisco NX-OS Switch L2S v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-L2-000240 - The Cisco switch must not use the default VLAN for management traffic.DISA STIG Cisco NX-OS Switch L2S v3r2Cisco

CONTINGENCY PLANNING

CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number.DISA STIG Cisco NX-OS Switch NDM v3r2Cisco

ACCESS CONTROL

CISC-ND-000090 - The Cisco switch must be configured to automatically audit account creation.DISA STIG Cisco NX-OS Switch NDM v3r2Cisco

ACCESS CONTROL

CISC-ND-000210 - The Cisco device must be configured to audit all administrator activity.DISA STIG Cisco IOS XE Switch NDM v3r2Cisco

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

CISC-ND-001410 - The Cisco switch must be configured to support organizational requirements to conduct backups of the configuration when changes occur.DISA STIG Cisco NX-OS Switch NDM v3r2Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING

CISC-RT-000320 - The Cisco perimeter switch must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000320 - The Cisco perimeter switch must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.DISA STIG Cisco NX-OS Switch RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

deny 10.0.0.0DISA STIG Cisco IOS Switch RTR v3r1Cisco
deny 192.0.0.0DISA STIG Cisco IOS Switch RTR v3r1Cisco
deny 192.18.0.0DISA STIG Cisco IOS Switch RTR v3r1Cisco
deny 198.51.100.0DISA STIG Cisco IOS Switch RTR v3r1Cisco
deny 224.0.0.0DISA STIG Cisco IOS Switch RTR v3r1Cisco
deny ip anyDISA STIG Cisco IOS Switch RTR v3r1Cisco
deny ipv6 any anyDISA STIG Cisco IOS Switch RTR v3r1Cisco
deny ruleDISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 3DISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 6DISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 10DISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 34DISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 37DISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 194DISA STIG Cisco IOS Switch RTR v3r1Cisco
dest-option-type 255DISA STIG Cisco IOS Switch RTR v3r1Cisco
feature udldDISA STIG Cisco NX-OS Switch L2S v3r2Cisco
interface dot1xDISA STIG Cisco IOS XE Switch L2S v3r1Cisco
interfacesDISA STIG Cisco NX-OS Switch L2S v3r2Cisco
ip dhcp snooping vlanDISA STIG Cisco IOS XE Switch L2S v3r1Cisco
ipv6 ingress aclDISA STIG Cisco IOS Switch RTR v3r1Cisco
line vtyDISA STIG Cisco IOS XE Switch NDM v3r2Cisco
logging userinfoDISA STIG Cisco IOS XE Switch NDM v3r2Cisco
mpls ldp neighborDISA STIG Cisco IOS Switch RTR v3r1Cisco
ntp authenticateDISA STIG Cisco IOS XE Switch NDM v3r2Cisco
snmp-server viewDISA STIG Cisco IOS XE Switch NDM v3r2Cisco