STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

Network topology diagrams for the enclave must be maintained and up to date at all times.

DISA Rule

SV-8532r3_rule

Vulnerability Number

V-8046

Group Title

Network infrastructure is not properly documented.

Rule Version

NET0090

Severity

CAT II

CCI(s)

• CCI-001098 - The information system connects to external networks or information systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture.

Weight

10

Fix Recommendation

Update the enclave's network topology diagram to represent the current state of the network and its connectivity.

Check Contents

Validate the network diagram by correlating the information with all routers, multi-layer switches, and firewall configurations.

Validate all subnets have been documented accordingly.

Validate any connectivity documented on the diagram by physically examining the cable connections for the downstream and upstream links, as well as connections for major network components (Routers, Switches, Firewalls, IDS/IPS, etc.).

If the site has not maintained network topology diagrams for the enclave, this is a finding.

Vulnerability Number

V-8046

Documentable

False

Rule Version

NET0090

Severity Override Guidance

Validate the network diagram by correlating the information with all routers, multi-layer switches, and firewall configurations.

Validate all subnets have been documented accordingly.

Validate any connectivity documented on the diagram by physically examining the cable connections for the downstream and upstream links, as well as connections for major network components (Routers, Switches, Firewalls, IDS/IPS, etc.).

If the site has not maintained network topology diagrams for the enclave, this is a finding.

Check Content Reference

M

Target Key

838

Comments