The network device must use cryptography to protect the integrity of audit tools.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000107-NDM-NA	SRG-NET-000107-NDM-NA	SRG-NET-000107-NDM-NA_rule		Low

Description
Audit tools provide services, such as audit reduction, reporting, and analysis. Without mechanisms, such as a signed hash using asymmetric cryptography, the integrity of these audit tools used for audit reduction and reporting, as well as the collected data garnered from them, is not fully protected. Audit tools integrated into the network device must use cryptographic mechanisms to protect and store audit information transmitted or stored by these tools. This is not applicable because not all network devices have the capabilities of having additional tools implemented. This would be a function of the application or tool.

Description

Audit tools provide services, such as audit reduction, reporting, and analysis. Without mechanisms, such as a signed hash using asymmetric cryptography, the integrity of these audit tools used for audit reduction and reporting, as well as the collected data garnered from them, is not fully protected. Audit tools integrated into the network device must use cryptographic mechanisms to protect and store audit information transmitted or stored by these tools. This is not applicable because not all network devices have the capabilities of having additional tools implemented. This would be a function of the application or tool.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000107-NDM-NA_chk )
This requirement is NA for network device management.

Fix Text (F-SRG-NET-000107-NDM-NA_fix)
This requirement is NA for network device management.