STIGQter: STIG Summary: Arista MLS DCS-7000 Series NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019:

The Arista Multilayer Switch must generate audit records for privileged activities or other system-level access.

DISA Rule

SV-75331r1_rule

Vulnerability Number

V-60873

Group Title

SRG-APP-000504-NDM-000321

Rule Version

AMLS-NM-000360

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.

Weight

10

Fix Recommendation

Configure the network device to generate audit records for privileged activities or other system-level access.

aaa accounting commands all default start-stop
aaa accounting exec default start-stop
aaa accounting system default start-stop

Check Contents

Determine if the network device generates audit records for privileged activities or other system-level access.

If the network device does not generate audit records for privileged activities or other system-level access, this is a finding.

Verify logging is configured to audit full-text commands.

Execute a "show logging" command and review the logs to verify the full text of commands is included.

Vulnerability Number

V-60873

Documentable

False

Rule Version

AMLS-NM-000360

Severity Override Guidance

Determine if the network device generates audit records for privileged activities or other system-level access.

If the network device does not generate audit records for privileged activities or other system-level access, this is a finding.

Verify logging is configured to audit full-text commands.

Execute a "show logging" command and review the logs to verify the full text of commands is included.

Check Content Reference

M

Target Key

2825

Comments