SV-77471r1_rule
V-62981
SRG-APP-000411-NDM-000330
RICX-DM-000134
CAT II
10
Configure RiOS to implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.
Navigate to the device CLI
Type: enable
Type: config t
Type: no telnet-server enable
Type: ssh server enable
Type: ssh server allowed-cyphers aes128-cbc, 3des-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
Type: web enable
Type: no web http enable
Type: web https enable
Type: write memory
Type: exit
Type: exit
Verify that RiOS is configured to implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.
Navigate to the device CLI
Type: enable
Type: show configuration full
Verify that "no telnet-server enable" is in the configuration
Verify that "ssh server enable" is set in the configuration
Verify that "web enable" is in the configuration
Verify that "no web http enable" is in the configuration
Verify that "web https enable" is in the configuration
If any one of the above settings is missing from the configuration, this is a finding.
V-62981
False
RICX-DM-000134
Verify that RiOS is configured to implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.
Navigate to the device CLI
Type: enable
Type: show configuration full
Verify that "no telnet-server enable" is in the configuration
Verify that "ssh server enable" is set in the configuration
Verify that "web enable" is in the configuration
Verify that "no web http enable" is in the configuration
Verify that "web https enable" is in the configuration
If any one of the above settings is missing from the configuration, this is a finding.
M
2931