Interior routing protocols are not authenticated - 'RIP Check' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'ipv6 traffic-filter IPV6_EGRESS_ACL in' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-NAC-009 - The switch must be configured to use 802.1x authentication on host facing access switch ports. '802.1x authentication' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET-NAC-009 - The switch must be configured to use 802.1x authentication on host facing access switch ports. 'system-auth-control' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET-NAC-031 | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET-NAC-032 - Switchport does not shutdown on a violation | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
NET-TUNL-017 - ISATAP tunnels must terminate at interior router | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET-VLAN-009 - Access switchports are assigned to the native VLAN | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET0240 - Devices exist with standard default passwords | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication key-chain)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication mode)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Key-Chain Check)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Interface Check - authentication mode)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0405 - A service or feature that calls home to the vendor must be disabled. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET0422 - Keys expiration exceeds 180 days. | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0433 - The device is not authenticated using a AAA server - 'aaa new-model' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
NET0433 - The device is not authenticated using a AAA server - 'tacacs-server host(s) - more than 2 hosts exist' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET0700 - Operating system is not at a current release level | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0812 - Two NTP servers are not used to synchronize time - 'First NTP Server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0812 - Two NTP servers are not used to synchronize time - 'ntp multicast client MULTICAST_IP_1' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET0812 - Two NTP servers are not used to synchronize time - 'ntp update-calendar' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0812 - Two NTP servers are not used to synchronize time - 'Second NTP Server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET0894 - Network element must only allow SNMP read access - 'SNMP v3 auth' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
NET0902 - FTP/TFTP traffic does not use loopback - 'ip ftp source-interface Loopback0' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0965 - Devices not configured to filter and drop half-open connections | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0966 - Control plan protection is not enabled - 'inbound ACL option' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET0966 - Control plan protection is not enabled - 'Steps 1 - 3' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET0989 - Management traffic leaks into the managed network - 'OOBM Interface (ip access-list ACL_LIST in)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0992 - The management interface does not have an ACL - 'Step 2 (access-list MGMT_INGRESS_ACL deny)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0994 - Management interface is assigned to a user VLAN - 'access mode' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0997 - The management VLAN is not pruned from trunk links | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
NET1007 - Management traffic is not classified and marked - 'Interface Configured (service-policy input DIST_LAYER_POLICY)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET1007 - Management traffic is not classified and marked - 'ip access-list extended MGMT_TRAFFIC_CLASSIFICATION_ACL permit' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1020 - Interface ACL deny statements are not logged | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1021 - The network element must log all messages except debugging. - 'Logging trap' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1623 - Authentication required for console access - 'AUX port (login authentication AUTH_LIST)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET1629 - The auxiliary port is not disabled | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET1637 - Management connections are not restricted - 'VTY port (access-list VTY_ACL deny any log)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1638 - Management connections must be secured by FIPS 140-2 -'ip http secure-server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1638 - Management connections must be secured by FIPS 140-2 -'ip scp secure-server' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1640 - Management connections must be logged | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | AUDIT AND ACCOUNTABILITY |
NET1645 - SSH session timeout is not 60 seconds or less | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET1646 - SSH login attempts value is greater than 3 - 'ip ssh authentication-retries not found' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | ACCESS CONTROL |
NET1660 - An insecure version of SNMP is being used | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | CONFIGURATION MANAGEMENT |
NET1665 - Using default SNMP community names - 'Community set to Public or Private' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | IDENTIFICATION AND AUTHENTICATION |
NET1807 - Management traffic is not restricted - 'Interface crypto map configured (crypto map MYVPN)' | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1808 - Remote VPN end-point not a mirror of local gateway | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
SNMPv2 CONFIG IF STATEMENT | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
SNMPv3 CONFIG IF STATEMENT | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |
SNMPv3 with ACL is configured Check for ACL Configuration | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | |