STIGQter: STIG Summary: Router Security Requirements Guide Version: 4 Release: 2 Benchmark Date: 23 Apr 2021:

The router must be configured to produce audit records containing information to establish where the events occurred.

DISA Rule

SV-207120r604135_rule

Vulnerability Number

V-207120

Group Title

SRG-NET-000076

Rule Version

SRG-NET-000076-RTR-000001

Severity

CAT II

CCI(s)

• CCI-000132 - The information system generates audit records containing information that establishes where the event occurred.

Weight

10

Fix Recommendation

Configure the router to record the interface in the log record for packets being dropped.

Check Contents

The router must log all packets that have been dropped via the access control list (ACL).

If the router fails to log all packets that have been dropped via the ACL, this is a finding.

Log output must contain an interface name as to where the packet was filtered.

If the logged output does not contain an interface name as to where the packet was filtered, this is a finding.

Vulnerability Number

V-207120

Documentable

False

Rule Version

SRG-NET-000076-RTR-000001

Severity Override Guidance

The router must log all packets that have been dropped via the access control list (ACL).

If the router fails to log all packets that have been dropped via the ACL, this is a finding.

Log output must contain an interface name as to where the packet was filtered.

If the logged output does not contain an interface name as to where the packet was filtered, this is a finding.

Check Content Reference

M

Target Key

2917

Comments