Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Administrator logons, changes to the administrator group, and account lockouts must be logged.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3178 | NET1300 | SV-3178r2_rule | ECAR-1 ECAR-2 ECAR-3 ECSC-1 | Low |
| Description |
|---|
| The network device and the associated logging functions allows for forensic investigations if properly configured and protected. The administrators account is the most sought after account so extra protection must be taken to protect this account and log its activity. |
| STIG | Date |
|---|---|
| Firewall Security Technical Implementation Guide - Cisco | 2017-12-07 |
Details
| Check Text ( C-12954r5_chk ) |
|---|
| Review the device configuration to determine if all administrative actions are being logged. If administrative actions are not being logged, this is a finding. |
| Fix Text (F-14198r2_fix) |
|---|
| Configure the network device to log all administrative actions performed on the device. |