CISC-ND-001440 - The Cisco switch must be configured to obtain its public key certificates from an appropriate certificate policy through an approved service provider - crypto pki trustpoint

Information

For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice.

Solution

Ensure that certificate requests are only sent to DoD or DoD-approved service providers.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Cisco_NX-OS_Switch_Y21M10_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-6b., 800-53|SC-17, CAT|II, CCI|CCI-000366, CCI|CCI-001159, Rule-ID|SV-220515r604141_rule, STIG-ID|CISC-ND-001440, STIG-Legacy|SV-110679, STIG-Legacy|V-101575, Vuln-ID|V-220515

Plugin: Cisco

Control ID: cf0db86dae5f425f85b2033f7e9042625eb9de651126f7c472557f1968f88a9e