STIGQter STIGQter: STIG Summary: Infrastructure Router Security Technical Implementation Guide Version: 8 Release: 29 Benchmark Date: 25 Jan 2019: The network device must log all interface access control lists (ACL) deny statements.

DISA Rule

SV-3000r4_rule

Vulnerability Number

V-3000

Group Title

Interface ACL deny statements are not logged.

Rule Version

NET1020

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure interface ACLs to log all deny statements.

Check Contents

Review the network device interface ACLs to verify all deny statements are logged.

If deny statements are not logged, this is a finding.

Vulnerability Number

V-3000

Documentable

False

Rule Version

NET1020

Severity Override Guidance

Review the network device interface ACLs to verify all deny statements are logged.

If deny statements are not logged, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

510

Comments