STIGQter: STIG Summary: DBN-6300 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

Applications used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications.

DISA Rule

SV-91697r1_rule

Vulnerability Number

V-77001

Group Title

SRG-APP-000412-NDM-000331

Rule Version

DBNW-DM-000118

Severity

CAT II

CCI(s)

• CCI-003123 - The information system implements cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications.

Weight

10

Fix Recommendation

Configure the User Interface (UI) web management tool to use HTTPS for communications.

Navigate to Settings >> Initial Configuration >> Security.

Select the check box for "Enforce secure communications (SSL) for user interface access".

Click on "Commit".

Check Contents

Verify SSL is configured to use SSL for the web management tool.

Navigate to Settings >> Initial Configuration >> Security.

If the check box for "Enforce secure communications (SSL) for user interface access" is not checked, this is a finding.

Vulnerability Number

V-77001

Documentable

False

Rule Version

DBNW-DM-000118

Severity Override Guidance

Verify SSL is configured to use SSL for the web management tool.

Navigate to Settings >> Initial Configuration >> Security.

If the check box for "Enforce secure communications (SSL) for user interface access" is not checked, this is a finding.

Check Content Reference

M

Target Key

2947

Comments