From Firewall Security Technical Implementation Guide - Cisco
Part of Admins will be logged.
Associated with IA controls: ECSC-1, ECAR-3, ECAR-2, ECAR-1
The network device and the associated logging functions allows for forensic investigations if properly configured and protected. The administrators account is the most sought after account so extra protection must be taken to protect this account and log its activity.
Review the device configuration to determine if all administrative actions are being logged. If administrative actions are not being logged, this is a finding.
Configure the network device to log all administrative actions performed on the device.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer