STIGQter STIGQter: STIG Summary: Cisco ISE NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 13 Apr 2021:

For the local account of last resort, the Cisco ISE must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.

DISA Rule

SV-242618r714164_rule

Vulnerability Number

V-242618

Group Title

SRG-APP-000068-NDM-000215

Rule Version

CSCO-NM-000120

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the administrative sessions login banner to display when users access the web or CLI interface that appears before and after an administrator logs in. By default, these login banners are disabled.

1. From the web management tool, click on Administration >> System >> Admin Access >> Settings >> Access >> Session.
2. To display the banner message before an administrator logs in, check the Pre-login banner check box and enter the message in the text box.
3. To display the banner message after an administrator logs in, check the Post-login banner check box and enter your message in the text box.
4. Click "Save".

Check Contents

Determine if the network device is configured to present a DoD-approved banner that is formatted in accordance with DTM-08-060.

In the configuration, view the "banner login" configuration.

If such a banner is not presented, this is a finding.

Vulnerability Number

V-242618

Documentable

False

Rule Version

CSCO-NM-000120

Severity Override Guidance

Determine if the network device is configured to present a DoD-approved banner that is formatted in accordance with DTM-08-060.

In the configuration, view the "banner login" configuration.

If such a banner is not presented, this is a finding.

Check Content Reference

M

Target Key

5384

Comments