UCF STIG Viewer Logo

The Cisco IOS XE router must generate audit records when successful/unsuccessful attempts to delete administrator privileges occur.


Overview

Finding ID Version Rule ID IA Controls Severity
V-74063 CISR-ND-000122 SV-88737r2_rule Medium
Description
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the network device (e.g., module or policy filter).
STIG Date
Cisco IOS XE Release 3 NDM Security Technical Implementation Guide 2018-12-20

Details

Check Text ( C-74153r4_chk )
Review the Cisco IOS XE router configuration to determine if it automatically audits account modification.

The configuration should look similar to the example below:

logging userinfo
archive
log config
logging enable
logging size 1000
notify syslog contenttype plaintext
hidekeys

If account modification is not automatically audited, this is a finding.
Fix Text (F-80603r3_fix)
Configure the Cisco IOS XE router for auditing.

The configuration should look similar to the example below:

logging userinfo
archive
log config
logging enable
logging size 1000
notify syslog contenttype plaintext
hidekeys