STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

The organization must encrypt all network device configurations while stored offline.

DISA Rule

SV-28616r3_rule

Vulnerability Number

V-23735

Group Title

Configurations are stored unencrypted.

Rule Version

NET1050

Severity

CAT II

CCI(s)

• CCI-002345 - The organization defines the data storage objects that are to be protected against data mining attempts.

Weight

10

Fix Recommendation

Encrypt all network device configurations stored offline.

Check Contents

Inspect the network element configurations that have been stored offline.

If the configurations are not encrypted, this is a finding.

Vulnerability Number

V-23735

Documentable

False

Rule Version

NET1050

Severity Override Guidance

Inspect the network element configurations that have been stored offline.

If the configurations are not encrypted, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

838

Comments