Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001095
CCI
CCI|CCI-001095
Title
Manage capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial of service attacks.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.54 UBTU-22-253010
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.110 UBTU-24-600190
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.182 RHEL-09-253010
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
3.123 - Auditing Access of Global System Objects must be turned off.
Windows
DISA Windows Vista STIG v6r41
3.124 - Audit of Backup and Restore Privileges is not turned off.
Windows
DISA Windows Vista STIG v6r41
AIX7-00-003096 - AIX must set Stack Execution Disable (SED) system wide mode to all.
Unix
DISA STIG AIX 7.x v3r1
ALMA-09-042480 - AlmaLinux OS 9 must be configured to use TCP syncookies.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r2
AMLS-L3-000270 - The Arista Multilayer Switch must manage excess bandwidth to limit the effects of packet flooding types of denial of service (DoS) attacks - DoS attacks.
Arista
DISA STIG Arista MLS DCS-7000 Series RTR v1r4
ARST-L2-000030 - The Arista MLS layer 2 switch must be configured for Storm Control to limit the effects of packet flooding types of denial-of-service (DoS) attacks.
Arista
DISA STIG Arista MLS EOS 4.2x L2S v2r1
ARST-L2-000030 - The Arista MLS layer 2 switch must be configured for Storm Control to limit the effects of packet flooding types of denial-of-service (DoS) attacks.
Arista
DISA STIG Arista MLS EOS 4.x L2S v2r2
ARST-RT-000290 - The MPLS router with RSVP-TE enabled must be configured with message pacing or refresh reduction to adjust maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers.
Arista
DISA STIG Arista MLS EOS 4.2x Router v2r1
ARST-RT-000290 - The MPLS router with RSVP-TE enabled must be configured with message pacing or refresh reduction to adjust maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers.
Arista
DISA STIG Arista MLS EOS 4.x Router v2r2
ARST-RT-000300 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Arista
DISA STIG Arista MLS EOS 4.x Router v2r2
ARST-RT-000300 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Arista
DISA STIG Arista MLS EOS 4.2x Router v2r1
ARST-RT-000310 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS DODIN Technical Profile.
Arista
DISA STIG Arista MLS EOS 4.2x Router v2r1
ARST-RT-000310 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS DODIN Technical Profile.
Arista
DISA STIG Arista MLS EOS 4.x Router v2r2
ARST-RT-000320 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile.
Arista
DISA STIG Arista MLS EOS 4.2x Router v2r1
ARST-RT-000320 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile.
Arista
DISA STIG Arista MLS EOS 4.x Router v2r2
Big Sur - Limit Impact of Denial of Service Attacks
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
BIND-9X-001054 - A BIND 9.x server implementation must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks.
Unix
DISA BIND 9.x STIG v2r3
CASA-FW-000150 - The Cisco ASA must be configured to enable threat detection to mitigate risks of denial-of-service (DoS) attacks.
Cisco
DISA STIG Cisco ASA FW v2r1
CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks.
Cisco
DISA Cisco IOS XE Switch L2S STIG v3r2
CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet-flooding types of denial-of-service (DoS) attacks.
Cisco
DISA Cisco IOS Switch L2S STIG v3r1
CISC-RT-000610 - The MPLS router with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers.
Cisco
DISA Cisco IOS XE Router RTR STIG v3r3
CISC-RT-000610 - The MPLS router with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers.
Cisco
DISA Cisco IOS Router RTR STIG v3r3
CISC-RT-000610 - The MPLS router with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers.
Cisco
DISA Cisco IOS XR Router RTR STIG v3r2
CISC-RT-000610 - The MPLS switch with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core switches.
Cisco
DISA Cisco IOS XE Switch RTR STIG v3r2
CISC-RT-000610 - The MPLS switch with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core switches.
Cisco
DISA Cisco NX OS Switch RTR STIG v3r3
CISC-RT-000700 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces.
Cisco
DISA Cisco IOS XR Router RTR STIG v3r2
CISC-RT-000700 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces.
Cisco
DISA Cisco IOS XE Router RTR STIG v3r3
CISC-RT-000700 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces.
Cisco
DISA Cisco NX OS Switch RTR STIG v3r3
CISC-RT-000700 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have traffic storm control thresholds on CE-facing interfaces.
Cisco
DISA Cisco IOS XE Switch RTR STIG v3r2
CISC-RT-000760 - The Cisco PE router must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS Router RTR STIG v3r3
CISC-RT-000760 - The Cisco PE router must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS XE Router RTR STIG v3r3
CISC-RT-000760 - The Cisco PE router must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS XR Router RTR STIG v3r2
CISC-RT-000760 - The Cisco PE switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS XE Switch RTR STIG v3r2
CISC-RT-000760 - The Cisco PE switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco NX OS Switch RTR STIG v3r3
CISC-RT-000760 - The Cisco PE switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS Switch RTR STIG v3r1
CISC-RT-000770 - The Cisco P router must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS XE Router RTR STIG v3r3
CISC-RT-000770 - The Cisco P router must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS XR Router RTR STIG v3r2
CISC-RT-000770 - The Cisco P router must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS Router RTR STIG v3r3
CISC-RT-000770 - The Cisco P switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco NX OS Switch RTR STIG v3r3
CISC-RT-000770 - The Cisco P switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS Switch RTR STIG v3r1
CISC-RT-000770 - The Cisco P switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications.
Cisco
DISA Cisco IOS XE Switch RTR STIG v3r2
CISC-RT-000780 - The Cisco PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial of service (DoS) attacks.
Cisco
DISA Cisco IOS XE Router RTR STIG v3r3
CISC-RT-000780 - The Cisco PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Cisco
DISA Cisco IOS Router RTR STIG v3r3
CISC-RT-000780 - The Cisco PE router must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Cisco
DISA Cisco IOS XR Router RTR STIG v3r2
CISC-RT-000780 - The Cisco switch must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Cisco
DISA Cisco NX OS Switch RTR STIG v3r3
CISC-RT-000780 - The Cisco switch must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Cisco
DISA Cisco IOS XE Switch RTR STIG v3r2
CISC-RT-000780 - The Cisco switch must be configured to enforce a Quality-of-Service (QoS) policy to limit the effects of packet flooding denial-of-service (DoS) attacks.
Cisco
DISA Cisco IOS Switch RTR STIG v3r1
