| Checked | Name | Title |
|---|
| ☐ | SV-75271r1_rule | The Arista Multilayer Switch must have a local infrequently used account to be used as an account of last resort with full access to the network device. |
| ☐ | SV-75289r1_rule | The Arista Multilayer Switch account of last resort must have a password with a length of 15 characters. |
| ☐ | SV-75291r1_rule | The Arista Multilayer Switch must automatically audit account creation. |
| ☐ | SV-75293r1_rule | The Arista Multilayer Switch must automatically audit account modification. |
| ☐ | SV-75295r1_rule | The Arista Multilayer Switch must automatically audit account disabling actions. |
| ☐ | SV-75297r1_rule | The Arista Multilayer Switch must automatically audit account removal actions. |
| ☐ | SV-75299r1_rule | The Arista Multilayer Switch must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. |
| ☐ | SV-75301r1_rule | The Arista Multilayer Switch must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation. |
| ☐ | SV-75303r1_rule | The Arista Multilayer Switch must generate audit records when successful/unsuccessful attempts to access privileges occur. |
| ☐ | SV-75305r1_rule | The Arista Multilayer Switch must produce audit log records containing sufficient information to establish what type of event occurred. |
| ☐ | SV-75307r1_rule | The Arista Multilayer Switch must generate audit records containing the full-text recording of privileged commands. |
| ☐ | SV-75309r1_rule | The Arista Multilayer Switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. |
| ☐ | SV-75311r1_rule | The Arista Multilayer Switch must use multifactor authentication for local access to privileged accounts. |
| ☐ | SV-75315r1_rule | The Arista Multilayer Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements. |
| ☐ | SV-75317r1_rule | The Arista Multilayer Switch must reveal error messages only to authorized individuals (ISSO, ISSM, and SA). |
| ☐ | SV-75319r1_rule | The Arista Multilayer Switch must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected. |
| ☐ | SV-75321r1_rule | The Arista Multilayer Switch must synchronize internal information system clocks to the authoritative time source when the time difference is greater than the organization-defined time period. |
| ☐ | SV-75323r1_rule | The Arista Multilayer Switch must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources. |
| ☐ | SV-75325r1_rule | The Arista Multilayer Switch must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). |
| ☐ | SV-75327r1_rule | Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications. |
| ☐ | SV-75329r1_rule | Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications. |
| ☐ | SV-75331r1_rule | The Arista Multilayer Switch must generate audit records for privileged activities or other system-level access. |
| ☐ | SV-75333r1_rule | The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system. |
| ☐ | SV-75335r1_rule | The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur. |
| ☐ | SV-75337r1_rule | The Arista Multilayer Switch must generate audit records for all account creations, modifications, disabling, and termination events. |
| ☐ | SV-75339r1_rule | The Arista Multilayer Switch must, at a minimum, off-load audit records for interconnected systems in real time. |
| ☐ | SV-75341r1_rule | The Arista Multilayer Switch must protect the audit records of nonlocal accesses to privileged accounts and the execution of privileged functions. |
| ☐ | SV-75343r2_rule | The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings. |
| ☐ | SV-75345r1_rule | The Arista Multilayer Switch must support organizational requirements to conduct backups of system-level information contained in the information system when changes occur or weekly, whichever is sooner. |
| ☐ | SV-81685r1_rule | The Arista Multilayer Switch must be updated to one of the minimum approved versions of EOS. |
| ☐ | SV-81687r1_rule | The Arista Multilayer Switch must use FIPS-compliant mechanisms for authentication to a cryptographic module. |
STIGQter: STIG Summary: