STIGQter STIGQter: STIG Summary: Cisco IOS XE Router RTR Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The Cisco router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication.

DISA Rule

SV-216661r531086_rule

Vulnerability Number

V-216661

Group Title

SRG-NET-000019-RTR-000001

Rule Version

CISC-RT-000230

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Disable the auxiliary port.

R2(config)#line aux 0
R2(config-line)#no exec
R2(config-line)#transport input none

Check Contents

Review the configuration and verify that the auxiliary port is disabled unless a secured modem providing encryption and authentication is connected to it.

line aux 0
no exec

Note: transport input none is the default; hence it will not be shown in the configuration.

If the auxiliary port is not disabled or is not connected to a secured modem when it is enabled, this is a finding.

Vulnerability Number

V-216661

Documentable

False

Rule Version

CISC-RT-000230

Severity Override Guidance

Review the configuration and verify that the auxiliary port is disabled unless a secured modem providing encryption and authentication is connected to it.

line aux 0
no exec

Note: transport input none is the default; hence it will not be shown in the configuration.

If the auxiliary port is not disabled or is not connected to a secured modem when it is enabled, this is a finding.

Check Content Reference

M

Target Key

4028

Comments