The network devices must require authentication prior to establishing a management connection for administrative access.
Network devices with no password for administrative access via a management connection provide the opportunity for anyone with network access to the device to make configuration changes enabling them to disrupt network operations resulting in a network outage.
Configure authentication for all management connections.
Review the network device configuration to verify all management connections for administrative access require authentication.
The vty ports should
look similar to
the example below
that references an authentication list configured as
line vty 0 4
login authentication AUTH_LIST
exec-timeout 10 0
transport input ssh
Information Assurance Officer