Details
Verifies integrity of an uploaded software before upgrading the system
Rationale:
Sometimes, manipulating software from downloading them from the Cisco.com website to uploading them in the security appliance can modify the software, mostly when the copy has not been properly performed or the software has transited into malware infected machines. For an upgrade to be performed without downtime, the image integrity should be verified.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Download a new image from the Cisco.com website and apply the audit procedure until obtaining the message ‘Verified’ at the end of the output.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Cisco.