STIGQter: STIG Summary: Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019:

The Arista Multilayer Switch must generate audit records for all account creations, modifications, disabling, and termination events.

DISA Rule

SV-75337r1_rule

Vulnerability Number

V-60879

Group Title

SRG-APP-000509-NDM-000324

Rule Version

AMLS-NM-000390

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the network device to generate audit records for all account creations, modifications, disabling, and termination events.

Enable logging level 6 to ensure this event is captured:

Switch(config)#logging trap 6
switch(config)#logging level all 6

Check Contents

Determine if the network device generates audit records for all account creations, modifications, disabling, and termination events.

If the network device does not generate audit records for all account creations, modifications, disabling, and termination events, this is a finding.

Verify by reviewing log files to show audit records for account creation, modification, disabling, and termination via the "Show Logging" command.

Vulnerability Number

V-60879

Documentable

False

Rule Version

AMLS-NM-000390

Severity Override Guidance

Determine if the network device generates audit records for all account creations, modifications, disabling, and termination events.

If the network device does not generate audit records for all account creations, modifications, disabling, and termination events, this is a finding.

Verify by reviewing log files to show audit records for account creation, modification, disabling, and termination via the "Show Logging" command.

Check Content Reference

M

Target Key

2825

Comments