STIGQter: STIG Summary: Layer 2 Switch Security Technical Implementation Guide - Cisco Version: 8 Release: 27 Benchmark Date: 25 Jan 2019: Access switchports must not be assigned to the native VLAN.

DISA Rule

SV-3984r2_rule

Vulnerability Number

V-3984

Group Title

Access switchports are assigned to the native VLAN

Rule Version

NET-VLAN-009

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

To insure the integrity of the trunk link and prevent unauthorized access, the native VLAN of the trunk port should be changed from the default VLAN 1 to its own unique VLAN. Access switchports must never be assigned to the native VLAN.

Check Contents

Review the switch configurations and examine all access ports. Verify that they do not belong to the native VLAN.

If any access switch ports are assigned to the native VLAN, it is a finding.

Vulnerability Number

V-3984

Documentable

False

Rule Version

NET-VLAN-009

Severity Override Guidance

Review the switch configurations and examine all access ports. Verify that they do not belong to the native VLAN.

If any access switch ports are assigned to the native VLAN, it is a finding.

STIGQter: STIG Summary: Layer 2 Switch Security Technical Implementation Guide - Cisco Version: 8 Release: 27 Benchmark Date: 25 Jan 2019: Access switchports must not be assigned to the native VLAN.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments