Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-242638 | CSCO-NM-000330 | SV-242638r961863_rule | Low |
Description |
---|
Information system backup is a critical step in maintaining data assurance and availability. Information system and security-related documentation contains information pertaining to system configuration and security settings. If this information was not backed up and a system failure was to occur, the security settings would be difficult to reconfigure quickly and accurately. Maintaining a backup of information system and security-related documentation provides for a quicker recovery time when system outages occur. This control requires the network device to support the organizational central backup process for user account information associated with the network device. This function may be provided by the network device itself; however, the preferred best practice is a centralized backup rather than each network device performing discrete backups. |
STIG | Date |
---|---|
Cisco ISE NDM Security Technical Implementation Guide | 2024-06-10 |
Check Text ( C-45913r714222_chk ) |
---|
1. Review the SSP to see the site's network device backup policy. Check the Cisco ISE backup log to verify regular backups are being performed. show backup history 2. Determine if there is a recent history of backups. Verify if the backup history shows either weekly backups or periodic backups. If the Cisco ISE is not configured to conduct backups of system-level information contained in the information system when changes occur, this is a finding. |
Fix Text (F-45870r714223_fix) |
---|
Save changes to the Cisco ISE configuration files data and place the backup in a repository by using the backup command in EXEC mode on the CLI. backup [{backup-name} repository {repository-name} ise-config encryption-key hash| plain {encryption-key name}] |