Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000217-FW-NA | SRG-NET-000217-FW-NA | SRG-NET-000217-FW-NA_rule | | Low |
Description |
---|
The most secure algorithm is rendered useless if the keys cannot be kept secure. Left unprotected, keys are vulnerable to duplication or modification. Duplication enables an attacker to copy a key to be used for access to the service and to steal information. An attacker may be able to modify or corrupt a key to cause a Denial of Service. Use of approved PKI Class 3 certificates or prepositioned keying material mitigates the risk to the network of duplication or modification of cryptographic keys. Producing, controlling, and distributing asymmetric cryptographic keys is not a function of the firewall. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2012-12-10 |
Check Text (C-SRG-NET-000217-FW-NA_chk) |
---|
This requirement is NA for firewall. No fix required. |
Fix Text (F-SRG-NET-000217-FW-NA_fix) |
---|
This requirement is NA for firewall. No fix required. |