Applications must support organizational requirements restricting users from introducing removable media into the information system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27077	SRG-APP-NA	SV-34372r1_rule		Medium

Description
Malicious code is known to propagate via removable media such as, floppy disks, USB or flash drives, and removable hard drives. In order to prevent propagation and potential infection due to malware contained on removable media, the information system must be able to restrict and/or limit the use of removable media. Applications must not be designed so as to circumvent or otherwise disable this protection requirement. This is a requirement to restrict users from inserting removable media into a system. This is not an application requirement.

Description

Malicious code is known to propagate via removable media such as, floppy disks, USB or flash drives, and removable hard drives. In order to prevent propagation and potential infection due to malware contained on removable media, the information system must be able to restrict and/or limit the use of removable media. Applications must not be designed so as to circumvent or otherwise disable this protection requirement. This is a requirement to restrict users from inserting removable media into a system. This is not an application requirement.

STIG	Date
Application Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None