The network device must employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000239-NDM-000177 | SRG-NET-000239-NDM-000177 | SRG-NET-000239-NDM-000177_rule | Medium |
| Description |
|---|
| This requirement is intended to address the confidentiality and integrity of system information at rest (e.g., network device rule sets or ACLs) when it is located on a storage device within the network device or as a component of the network device. This protection is required to prevent unauthorized disclosure of information when not stored directly on the network device. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000239-NDM-000177_chk ) |
|---|
| Inspect the encryption configuration of the network device. Verify encryption is automatically used for all data at rest. If the system is not configured to employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest, this is a finding. |
| Fix Text (F-SRG-NET-000239-NDM-000177_fix) |
|---|
| Open the device's management application and navigate to the encryption configuration screen. Configure the device so encryption is automatically used for all data at rest. |