STIGQter: STIG Summary: Network Device Management Security Requirements Guide Version: 4 Release: 1 Benchmark Date: 23 Apr 2021:

The network device must audit the enforcement actions used to restrict access associated with changes to the device.

DISA Rule

SV-202107r400009_rule

Vulnerability Number

V-202107

Group Title

SRG-APP-000381

Rule Version

SRG-APP-000381-NDM-000305

Severity

CAT II

CCI(s)

• CCI-001814 - The Information system supports auditing of the enforcement actions.

Weight

10

Fix Recommendation

Configure the network device to audit the enforcement actions used to restrict access associated with changes to the device.

Check Contents

Determine if the network device audits the enforcement actions used to restrict access associated with changes to the device. This requirement may be verified by demonstration, configuration review or validated test results.

If the network device does not audit the enforcement actions used to restrict access associated with changes to the device, this is a finding.

Vulnerability Number

V-202107

Documentable

False

Rule Version

SRG-APP-000381-NDM-000305

Severity Override Guidance

Determine if the network device audits the enforcement actions used to restrict access associated with changes to the device. This requirement may be verified by demonstration, configuration review or validated test results.

If the network device does not audit the enforcement actions used to restrict access associated with changes to the device, this is a finding.

Check Content Reference

M

Target Key

2890

Comments