STIGQter STIGQter: STIG Summary: Cisco IOS Switch L2S Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Cisco switch must manage excess bandwidth to limit the effects of packet-flooding types of denial-of-service (DoS) attacks.

DISA Rule

SV-220625r539671_rule

Vulnerability Number

V-220625

Group Title

SRG-NET-000193-L2S-000020

Rule Version

CISC-L2-000040

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Enable QoS on the switch:

SW1(config)#mls qos

Check Contents

Review the switch configuration to verify QoS has been enabled as shown below:

mls qos

If QoS has not been enabled, this is a finding.

Vulnerability Number

V-220625

Documentable

False

Rule Version

CISC-L2-000040

Severity Override Guidance

Review the switch configuration to verify QoS has been enabled as shown below:

mls qos

If QoS has not been enabled, this is a finding.

Check Content Reference

M

Target Key

4070

Comments