V-215819
CAT IIThe Cisco router must be configured to generate audit records containing the full-text recording of privileged commands.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review the Cisco router configuration to verify that it is compliant with this requirement. The configuration example below will log all configuration changes.
archive
log config
logging enable
Note: Configuration changes can be viewed using the show archive log config all command.
If the Cisco router is not configured to generate audit records of configuration changes, this is a finding.
Fix Text
Configure the Cisco router to log all configuration changes as shown in the example below.
R4(config)#archive
R4(config-archive)#log config
R4(config-archive-log-cfg)#logging enable
R4(config-archive-log-cfg)#logging size 1000
R4(config-archive-log-cfg)#notify syslog contenttype plaintext
R4(config-archive-log-cfg)#hidekeys
R4(config-archive-log-cfg)#end
STIG Reference
- STIG
- Cisco IOS XE Router NDM Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-215819r1186330_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONTPOINTGTWYRTR/Checklist/MONTPOINTGTWYRTR_CiscoXERtrNDM_V3R5_20251023-150045.ckl | Unassigned | 2026-01-14T12:57:25.013310 | View in Context |