UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Administrator logons, changes to the administrator group, and account lockouts must be logged.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3178 NET1300 SV-3178r2_rule ECAR-1 ECAR-2 ECAR-3 ECSC-1 Low
Description
The network device and the associated logging functions allows for forensic investigations if properly configured and protected. The administrators account is the most sought after account so extra protection must be taken to protect this account and log its activity.
STIG Date
Firewall Security Technical Implementation Guide - Cisco 2016-12-21

Details

Check Text ( C-12954r5_chk )
Review the device configuration to determine if all administrative actions are being logged.

If administrative actions are not being logged, this is a finding.
Fix Text (F-14198r2_fix)
Configure the network device to log all administrative actions performed on the device.