Detections
Analytics

DISA STIG Cisco ASA NDM v2r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG Cisco ASA NDM v2r2

Updated: 1/20/2026

Authority: DISA STIG

Plugin: Cisco

Revision: 1.1

Estimated Item Count: 48

Audit Items

DescriptionCategories
CASA-ND-000010 - The Cisco ASA must be configured to limit the number of concurrent management sessions to an organization-defined number.
CASA-ND-000090 - The Cisco ASA must be configured to automatically audit account creation.
CASA-ND-000100 - The Cisco ASA must be configured to automatically audit account modification.
CASA-ND-000110 - The Cisco ASA must be configured to automatically audit account-disabling actions.
CASA-ND-000120 - The Cisco ASA must be configured to automatically audit account removal actions.
CASA-ND-000140 - The Cisco ASA must be configured to enforce approved authorizations for controlling the flow of management information within the Cisco ASA based on information flow control policies.
CASA-ND-000160 - The Cisco ASA must be configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.
CASA-ND-000210 - The Cisco ASA must be configured to protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.
CASA-ND-000240 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to access privileges occur.
CASA-ND-000260 - The Cisco ASA must be configured to produce audit log records containing sufficient information to establish what type of event occurred.
CASA-ND-000270 - The Cisco ASA must be configured to produce audit records containing information to establish when (date and time) the events occurred.
CASA-ND-000280 - The Cisco ASA must be configured to produce audit records containing information to establish where the events occurred.
CASA-ND-000290 - The Cisco ASA must be configured to produce audit log records containing information to establish the source of events.
CASA-ND-000300 - The Cisco ASA must be configured to produce audit records that contain information to establish the outcome of the event.
CASA-ND-000320 - The Cisco ASA must be configured to generate audit records containing the full-text recording of privileged commands.
CASA-ND-000430 - The Cisco ASA must be configured to prohibit the use of all unnecessary and/or non-secure functions, ports, protocols, and/or services.
CASA-ND-000450 - The Cisco ASA must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
CASA-ND-000470 - The Cisco ASA must be configured to implement replay-resistant authentication mechanisms for network access to privileged accounts.
CASA-ND-000490 - The Cisco ASA must be configured to enforce a minimum 15-character password length.
CASA-ND-000520 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one uppercase character be used.
CASA-ND-000530 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one lowercase character be used.
CASA-ND-000550 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one numeric character be used.
CASA-ND-000570 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one special character be used.
CASA-ND-000580 - The Cisco ASA must be configured to require that when a password is changed, the characters are changed in at least eight of the positions within the password.
CASA-ND-000690 - The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements.
CASA-ND-000910 - The Cisco ASA must be configured to audit the execution of privileged functions.
CASA-ND-000920 - The Cisco ASA must be configured to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.
CASA-ND-000930 - The Cisco ASA must be configured to generate an immediate real-time alert of all audit failure events requiring real-time alerts.
CASA-ND-000940 - The Cisco ASA must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources.
CASA-ND-000970 - The Cisco ASA must be configured to record time stamps for audit records that meet a granularity of one second for a minimum degree of precision.
CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).
CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm.
CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based.
CASA-ND-001140 - The Cisco ASA must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of non-local maintenance and diagnostic communications.
CASA-ND-001150 - The Cisco ASA must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions.
CASA-ND-001180 - The Cisco ASA must be configured to protect against known types of denial-of-service (DoS) attacks by enabling the Threat Detection feature - DoS attacks by enabling the Threat Detection feature.
CASA-ND-001200 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to modify administrator privileges occur.
CASA-ND-001210 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to delete administrator privileges occur.
CASA-ND-001220 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful logon attempts occur.
CASA-ND-001230 - The Cisco ASA must be configured to generate audit records for privileged activities or other system-level access.
CASA-ND-001240 - The Cisco ASA must be configured to generate audit records showing starting and ending time for administrator access to the system.
CASA-ND-001250 - The Cisco ASA must be configured to generate audit records when concurrent logons from different workstations occur.
CASA-ND-001310 - The Cisco ASA must be configured to use at least two authentication servers to authenticate users prior to granting administrative access.
CASA-ND-001350 - The Cisco ASA must be configured to conduct backups of system-level information contained in the information system when changes occur.
CASA-ND-001370 - The Cisco ASA must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider.
CASA-ND-001410 - The Cisco ASA must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to organization-defined personnel and/or the firewall administrator.
CASA-ND-001420 - The Cisco ASA must be running an operating system release that is currently supported by Cisco Systems.
DISA_STIG_Cisco_ASA_NDM_v2r2.audit from DISA Cisco ASA NDM v2r2 STIG