| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONTPOINTGTWYRTR | 10.10.10.1 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-CiscoXERouterNDM_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 746684BF0C80384E74956B54D242941B88392F07 ~~~~~ ntp allow mode control 0 ntp authentication-key 80 md5 0021450F24771D4F387C521D5936042A32 7 ntp authentication-key 20 md5 10401D090E120B051814212E3D 7 ntp trusted-key 20 ntp trusted-key 80 ntp source BDI400 ntp server 164.231.98.1 key 20 ntp server 164.231.69.13 key 80 prefer Comments |
|||||
Check Text
Review the Cisco router configuration to verify that it is compliant with this requirement as shown in the configuration example below. ntp authentication-key 1 hmac-sha2-256 xxxxxx ntp authenticate ntp trusted-key 1 ntp server x.x.x.x key 1 ntp server y.y.y.y key 1 If the Cisco router is not configured to authenticate NTP sources using authentication that is cryptographically based, this is a finding.
Fix Text
Configure the Cisco router to authenticate NTP sources using authentication that is cryptographically based as shown in the example below. R2(config)#ntp authenticate R2(config)#ntp authentication-key 1 hmac-sha2-256 xxxxxxx R2(config)#ntp trusted-key 1 R2(config)#ntp server x.x.x.x key 1 R2(config)#ntp server y.y.y.y key 1