Ensure ‘Image Authenticity’ is correct
Details Verifies for digitally signed images that the running image is from a trusted source Rationale: The software image being...
- Home
- Security Hardening
- CIS Cisco ASA 9.x Firewall L1 V1.0.0
CIS Cisco ASA 9.x Firewall L1 V1.0.0
Ensure ‘Image Integrity’ is correct
Details Verifies integrity of an uploaded software before upgrading the system Rationale: Sometimes, manipulating software from downloading them from the...Ensure known default accounts do not exist
Details Deletes the known default accounts configured Rationale: In order to attempt access to known devices’ platforms, attackers use the...Ensure ‘local timezone’ is properly configured
Details Sets the local time zone information so that the time displayed by the ASA is more relevant to those...Ensure ‘local username and password’ is set
Details Sets a local username and password Rationale: Default device configuration does not require strong user authentication enabling unfettered access...Ensure ‘logging’ is enabled
Details Enables logging Rationale: Logging is fundamental for audit requirements and incident management and should be enabled on any business...Ensure ‘logging to monitor’ is disabled
Details Disables the logging to monitor Rationale: The ASA by default send logs to monitor for Telnet and SSH sessions....Ensure ‘logging to Serial console’ is disabled
Details Disables the logging to the Serial console Rationale: Enabling the logs to be sent to the Serial console may...Ensure ‘LOGIN banner’ is set
Details Sets the LOGIN banner for access to the Command Line Interface (CLI) Rationale: Configuring banner is an additional security...Ensure ‘Logon Password’ is set
Details Changes the default login password. Rationale: The login password is used for Telnet and SSH connections. The default device...