STIGQter: STIG Summary: Juniper Router NDM Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 24 Jul 2020:

The Juniper router must be configured with a master password that is used to generate encrypted keys for shared secrets.

DISA Rule

SV-101299r1_rule

Vulnerability Number

V-91199

Group Title

SRG-APP-000516-NDM-000317

Rule Version

JUNI-ND-001460

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the master password to be used to generate encrypted keys for shared secrets as shown in the example below.

[edit]
set system master-password plain-text-password
Master password: xxxxxxxxxx
Repeat master password: xxxxxxxxxx

Check Contents

Verify that a master password has been configured as by entering the following command:
show configuration system master-password

The output will appear as follows:
password-configured;

Note: The master password is hidden from the configuration.

If a master password has not been configured, this is a finding.

Vulnerability Number

V-91199

Documentable

False

Rule Version

JUNI-ND-001460

Severity Override Guidance

Verify that a master password has been configured as by entering the following command:
show configuration system master-password

The output will appear as follows:
password-configured;

Note: The master password is hidden from the configuration.

If a master password has not been configured, this is a finding.

Check Content Reference

M

Target Key

3381

Comments