STIGQter: STIG Summary: Cisco IOS XE Switch NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Cisco switch must be configured to generate audit records containing the full-text recording of privileged commands.

DISA Rule

SV-220530r531084_rule

Vulnerability Number

V-220530

Group Title

SRG-APP-000101-NDM-000231

Rule Version

CISC-ND-000330

Severity

CAT II

CCI(s)

• CCI-000135 - The information system generates audit records containing the organization-defined additional, more detailed information that is to be included in the audit records.

Weight

10

Fix Recommendation

Configure the Cisco switch to log all configuration changes as shown in the example below:

SW4(config)#archive
SW4(config-archive)#log config
SW4(config-archive-log-cfg)#logging enable
SW4(config-archive-log-cfg)#end

Check Contents

Review the Cisco switch configuration to verify that it is compliant with this requirement. The configuration example below will log all configuration changes.

archive
log config
logging enable

Note: Configuration changes can be viewed using the show archive log config all command.

If the Cisco switch is not configured to generate audit records of configuration changes, this is a finding.

Vulnerability Number

V-220530

Documentable

False

Rule Version

CISC-ND-000330

Severity Override Guidance

Review the Cisco switch configuration to verify that it is compliant with this requirement. The configuration example below will log all configuration changes.

archive
log config
logging enable

Note: Configuration changes can be viewed using the show archive log config all command.

If the Cisco switch is not configured to generate audit records of configuration changes, this is a finding.

Check Content Reference

M

Target Key

4067

Comments