Documentation - V-239864

V-239864

Cisco ASA Firewall Security Technical Implementation Guide

CAT I

Title

The Cisco ASA must be configured to implement scanning threat detection.

Description

<VulnDiscussion>In a port scanning attack, an unauthorized application is used to scan the host devices for available services and open ports for subsequent use in an attack. This type of scanning can be used as a DoS attack when the probing packets are sent excessively.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImp...

Fix Text (Documentation Requirement)

Configure scanning threat detection as shown in the example below. ASA(config)# threat-detection scanning-threat shun

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel