Detections
Analytics

CCI|CCI-001368

Title

The information system enforces approved authorizations for controlling the flow of information within the system based on organization-defined information flow control policies.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AMLS-L2-000100 - The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.AristaDISA STIG Arista MLS DCS-7000 Series L2S v1r2
CASA-ND-000140 - The Cisco ASA must be configured to enforce approved authorizations for controlling the flow of management information within the Cisco ASA based on information flow control policies.CiscoDISA STIG Cisco ASA NDM v1r5
CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policiesCiscoDISA STIG Cisco IOS XE Router NDM v2r7
CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies - access-class denyCiscoDISA STIG Cisco IOS-XR Router NDM v2r3
CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies - access-class permitCiscoDISA STIG Cisco IOS-XR Router NDM v2r3
CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies - line defaultCiscoDISA STIG Cisco IOS-XR Router NDM v2r3
CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies - vty-poolCiscoDISA STIG Cisco IOS-XR Router NDM v2r3
CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies.CiscoDISA STIG Cisco IOS Router NDM v2r7
CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policiesCiscoDISA STIG Cisco IOS Switch NDM v2r6
CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policiesCiscoDISA STIG Cisco IOS XE Switch NDM v2r6
CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policiesCiscoDISA STIG Cisco NX-OS Switch NDM v2r5
CISC-RT-000010 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policiesCiscoDISA STIG Cisco IOS XE Router RTR v2r8
CISC-RT-000010 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policiesCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000010 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.CiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000010 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.CiscoDISA STIG Cisco NX-OS Switch RTR v2r3
CISC-RT-000010 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.CiscoDISA STIG Cisco IOS Switch RTR v2r4
CISC-RT-000010 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.CiscoDISA STIG Cisco IOS XE Switch RTR v2r4
CISC-RT-000490 - The Cisco BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - neighborCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000490 - The Cisco BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - neighborCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000490 - The Cisco BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - show ip prefix-listCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000490 - The Cisco BGP router must be configured to reject inbound route advertisements for any Bogon prefixes - show ip prefix-listCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000490 - The Cisco BGP router must be configured to reject inbound route advertisements for any Bogon prefixes.CiscoDISA STIG Cisco IOS XE Router RTR v2r8
CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes.CiscoDISA STIG Cisco NX-OS Switch RTR v2r3
CISC-RT-000490 - The Cisco BGP switch must be configured to reject inbound route advertisements for any Bogon prefixes.CiscoDISA STIG Cisco IOS XE Switch RTR v2r4
CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS) - neighborCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS) - neighborCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS) - route policyCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS) - show ip prefix-listCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS).CiscoDISA STIG Cisco IOS XE Router RTR v2r8
CISC-RT-000500 - The Cisco BGP switch must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS)CiscoDISA STIG Cisco NX-OS Switch RTR v2r3
CISC-RT-000500 - The Cisco BGP switch must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS).CiscoDISA STIG Cisco IOS XE Switch RTR v2r4
CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer - neighborCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer - neighborCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer - route-policyCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer - show ip prefix-listCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000510 - The Cisco BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer.CiscoDISA STIG Cisco IOS XE Router RTR v2r8
CISC-RT-000510 - The Cisco BGP switch must be configured to reject inbound route advertisements from a customer edge (CE) switch for prefixes that are not allocated to that customer.CiscoDISA STIG Cisco NX-OS Switch RTR v2r3
CISC-RT-000510 - The Cisco BGP switch must be configured to reject inbound route advertisements from a customer edge (CE) switch for prefixes that are not allocated to that customer.CiscoDISA STIG Cisco IOS XE Switch RTR v2r4
CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - ip prefix-listCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - ip prefix-listCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - neighborCiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS) - neighborCiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS).CiscoDISA STIG Cisco IOS XE Router RTR v2r8
CISC-RT-000520 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS).CiscoDISA STIG Cisco NX-OS Switch RTR v2r3
CISC-RT-000520 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS).CiscoDISA STIG Cisco IOS XE Switch RTR v2r4
CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.CiscoDISA STIG Cisco IOS-XR Router RTR v2r3
CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.CiscoDISA STIG Cisco IOS XE Router RTR v2r8
CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.CiscoDISA STIG Cisco IOS Router RTR v2r6
CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sourcesCiscoDISA STIG Cisco NX-OS Switch RTR v2r3
CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.CiscoDISA STIG Cisco IOS XE Switch RTR v2r4