Académique Documents
Professionnel Documents
Culture Documents
Findings
Questions
Router Policy
Is a router security policy in
place?
Disable Unneeded Services
Are unused interfaces disabled?
Yes
No
ISO 27001
Control
A.5.1.1
A.11.4.1
A.11.4.4
A.11.5.4
A.12.6.1
A.12.6.1
A.11.4.4
A.12.6.1.
A.11.4.4
A.11.5.4
A.12.6.1
A.11.4.4
A.11.5.4
A.12.6.1
Standard/Best Practice
A.12.6.1
A.12.6.1
A.12.6.1
Password Encryption
Do passwords appear in
encrypted form when viewed at
the configuration file?
Authentication Settings
Is enable secret used for the
A.11.5.3
A.11.5.3
A.11.5.3
A.11.5.1
A.11.5.1
A.11.3.1
A.11.4.4
A.11.5.1
A.11.3.1
A.11.4.3
A.11.5.3
A.11.3.1
A.12.3.1
A.10.6.1
Administrator Authentication
Is authentication on the router
done through:
Locally configured
usernames and passwords
TACACS+/RADUIS server
Is there a documented procedure
for creation of users?
A.10.1.1
A.11.2.1
A.11.2.1
A.10.10.1
A.10.10.4
A.11.2.2
Management Access
Is the http/https Server used for
router management?
A.10.6.1
A.10.6.1
A.10.6.1
A.11.4.3
A.11.2.3
A.11.3.1
A.11.4.6
A.10.10.6
A.11.4.7
A.11.4.7
A.11.4.7
Configuration Maintenance
How often is the router
configurations backed up?
Is the backup moved to an offsite/DR site?
On the system where the
configuration files are stored, is
the local operating systems
security mechanisms used for
restricting access to the files (i.e.,
the machine should be password
enabled and prevent
unauthorized individuals from
accessing the machine.)?
Is the TFTP protocol used to
transfer configuration or image
A.10.5.1
A.10.5.1
A.10.5.1
A.10.6.1
is unsafe to use.
The TFTP process should be restricted to
certain addresses only (management
workstations) to reduce the risk. The service
should also be disabled when not in use
because it allows access to certain files in
the router flash.
A.10.5.1
A.10.1.2
A.14.1.3
A.14.1.3
A.14.1.5
A.13.1.1
A.10.10.2
A.10.10.1
A.13.1.1
A.10.1.1
A.10.10.1
A.10.10.2
A.10.10.5
A.13.2.2
A.13.2.1
A.6.1.7
A.12.6.1