A facility penetration testing process is in place that includes periodic, unannounced attempts to penetrate key computing facilities.
MAC / CONF | Impact | Subject Area |
---|---|---|
CLASSIFIED SENSITIVE | Low | Physical and Environmental |
Threat |
---|
All documents, equipment, and machine-readable media are at risk from unauthorized personnel, access, copying and illegal distribution if penetration testing of computing facilities is not performed. |
Guidance |
---|
1. A facility penetration testing process shall be in place. |
2. Periodic, unannounced attempts to penetrate key computing facilities shall take place. |
3. Results of periodic, unannounced attempts to penetrate key computing facilities shall be documented and shared with authorized security management and personnel. |
4. Review of the results of the periodic, unannounced attempts to penetrate key computing facilities shall take place within one week of each test to determine if any changes are required to correct deficiencies in facility security. |