Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. Infrastructure L3 Switch Security Technical Implementation Guide
  3. V-3160

V-3160

Network devices must be running a current and supported operating system with all IAVMs addressed.

Finding ID
NET0700
Rule ID
SV-3160r4_rule
Severity
Cat II
CCE
(None)
Group Title
Operating system is not at a current release level.
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Network devices not running the latest tested and approved versions of software are vulnerable to network attacks. Running the most current, approved version of system and device software helps the site maintain a stable base of security fixes and patches, as well as enhancements to IP security. Viruses, denial of service attacks, system weaknesses, back doors and other potentially harmful situations could render a system vulnerable, allowing unauthorized access to DoD assets.

Fix Text

Update operating system to a supported version that addresses all related IAVMs.

Check Content

Have the administrator display the OS version in operation. The OS must be current with related IAVMs addressed. If the device is using an OS that does not meet all IAVMs or currently not supported by the vendor, this is a finding.

Responsibility

Information Assurance Officer

Vaulted is more than a library.

SIGN UP FOR FREE