V-215843
CAT IIThe Cisco router must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review the Cisco router configuration to verify that it is compliant with this requirement as shown in the configuration example below.
ntp authentication-key 1 hmac-sha2-256 xxxxxx
ntp authenticate
ntp trusted-key 1
ntp server x.x.x.x key 1
ntp server y.y.y.y key 1
If the Cisco router is not configured to authenticate NTP sources using authentication that is cryptographically based, this is a finding.
Fix Text
Configure the Cisco router to authenticate NTP sources using authentication that is cryptographically based as shown in the example below.
R2(config)#ntp authenticate
R2(config)#ntp authentication-key 1 hmac-sha2-256 xxxxxxx
R2(config)#ntp trusted-key 1
R2(config)#ntp server x.x.x.x key 1
R2(config)#ntp server y.y.y.y key 1
STIG Reference
- STIG
- Cisco IOS XE Router NDM Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-215843r1050862_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONTPOINTGTWYRTR/Checklist/MONTPOINTGTWYRTR_CiscoXERtrNDM_V3R5_20251023-150045.ckl | Unassigned | 2026-01-14T12:57:25.013310 | View in Context |