STIGQter: STIG Summary: Router Security Requirements Guide Version: 4 Release: 2 Benchmark Date: 23 Apr 2021:

The router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages.

DISA Rule

SV-216984r604135_rule

Vulnerability Number

V-216984

Group Title

SRG-NET-000230

Rule Version

SRG-NET-000230-RTR-000003

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-002205 - The information system uniquely identifies and authenticates source by organization, system, application, and/or individual for information transfer.

Weight

10

Fix Recommendation

This requirement is not applicable for the DoDIN Backbone.

For each authenticated routing protocol session, configure each key to have a lifetime of no more than 180 days.

Check Contents

This requirement is not applicable for the DoDIN Backbone.

For each authenticated routing protocol session, review the configured key expiration dates.

If any key has a lifetime of more than 180 days, this is a finding.

Vulnerability Number

V-216984

Documentable

False

Rule Version

SRG-NET-000230-RTR-000003

Severity Override Guidance

This requirement is not applicable for the DoDIN Backbone.

For each authenticated routing protocol session, review the configured key expiration dates.

If any key has a lifetime of more than 180 days, this is a finding.

Check Content Reference

M

Target Key

2917

Comments