Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
ECSC-1 Security Configuration Compliance
Overview
For Enclaves and AIS applications, all DoD security configuration or implementation guides have been applied.
| MAC / CONF | Impact | Subject Area |
|---|---|---|
| MACI MACII MACIII | High | Enclave Computing Environment |
Details
| Threat |
|---|
| The computer hardware and software systems used within the DOD have varying amounts of risks. Security configuration or implementation guides are created to minimize the security risks associated with the hardware or software products. |
| Guidance |
|---|
| 1. All IA and IA-enabled applications deployed within the enclave (C&A boundary) shall be configured or implemented according to the information within applicable security guides (e.g., STIGs, SNAC Guides). 2. If security guides are not available for deployed IA products, waivers shall be obtained and commercial best practices shall be applied. |
References
- http://www.nsa.gov/snac/ National Security Agency, Systems and Network Attack Center - Security and Configuration Guides
- http://csrc.nist.gov/pcig/ Defense Information Systems Agency, STIGs
- http://csrc.nist.gov/pcig/ppsp.html Public and Private Security Practices