| Interior routing protocols are not authenticated - 'RIP Check' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'ipv6 traffic-filter IPV6_EGRESS_ACL in' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-NAC-009 - The switch must be configured to use 802.1x authentication on host facing access switch ports. '802.1x authentication' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET-NAC-009 - The switch must be configured to use 802.1x authentication on host facing access switch ports. 'system-auth-control' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET-NAC-031 | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET-NAC-032 - Switchport does not shutdown on a violation | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| NET-TUNL-017 - ISATAP tunnels must terminate at interior router | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET-VLAN-009 - Access switchports are assigned to the native VLAN | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET0240 - Devices exist with standard default passwords | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication key-chain)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication mode)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Key-Chain Check)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Interface Check - authentication mode)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0405 - A service or feature that calls home to the vendor must be disabled. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
| NET0422 - Keys expiration exceeds 180 days. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET0433 - The device is not authenticated using a AAA server - 'aaa new-model' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| NET0433 - The device is not authenticated using a AAA server - 'tacacs-server host(s) - more than 2 hosts exist' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET0700 - Operating system is not at a current release level | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
| NET0812 - Two NTP servers are not used to synchronize time - 'First NTP Server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET0812 - Two NTP servers are not used to synchronize time - 'ntp multicast client MULTICAST_IP_1' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
| NET0812 - Two NTP servers are not used to synchronize time - 'ntp update-calendar' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET0812 - Two NTP servers are not used to synchronize time - 'Second NTP Server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET0894 - Network element must only allow SNMP read access - 'SNMP v3 auth' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| NET0902 - FTP/TFTP traffic does not use loopback - 'ip ftp source-interface Loopback0' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0965 - Devices not configured to filter and drop half-open connections | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0966 - Control plan protection is not enabled - 'inbound ACL option' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET0966 - Control plan protection is not enabled - 'Steps 1 - 3' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET0989 - Management traffic leaks into the managed network - 'OOBM Interface (ip access-list ACL_LIST in)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0992 - The management interface does not have an ACL - 'Step 2 (access-list MGMT_INGRESS_ACL deny)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0994 - Management interface is assigned to a user VLAN - 'access mode' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0997 - The management VLAN is not pruned from trunk links | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| NET1007 - Management traffic is not classified and marked - 'Interface Configured (service-policy input DIST_LAYER_POLICY)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
| NET1007 - Management traffic is not classified and marked - 'ip access-list extended MGMT_TRAFFIC_CLASSIFICATION_ACL permit' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1020 - Interface ACL deny statements are not logged | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1021 - The network element must log all messages except debugging. - 'Logging trap' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1623 - Authentication required for console access - 'AUX port (login authentication AUTH_LIST)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
| NET1629 - The auxiliary port is not disabled | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
| NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL deny any log)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1638 - Management connections must be secured by FIPS 140-2 -'ip http secure-server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1638 - Management connections must be secured by FIPS 140-2 -'ip scp secure-server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1640 - Management connections must be logged | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1645 - SSH session timeout is not 60 seconds or less | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
| NET1646 - SSH login attempts value is greater than 3 - 'ip ssh authentication-retries not found' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
| NET1660 - An insecure version of SNMP is being used | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
| NET1665 - Using default SNMP community names - 'Community set to Public or Private' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET1807 - Management traffic is not restricted - 'Interface crypto map configured (crypto map MYVPN)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1808 - Remote VPN end-point not a mirror of local gateway | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| SNMPv2 CONFIG IF STATEMENT | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| SNMPv3 CONFIG IF STATEMENT | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
| SNMPv3 with ACL is configured Check for ACL Configuration | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
