UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Documented procedures do not exist that will prepare for a suspected compromise of a DSN component.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7972 DSN14.02 SV-8458r1_rule ECSC-1 Medium
Description
Requirement: The IAO will ensure that compromise recovery procedures are documented that will accomplish the following: - Verify the integrity of the hardware, software, and communication lines configuration.- Verify the integrity of the switch tables (database). - Perform an audit trail analysis and evaluation. - Enforce the change of all passwords for accessing the A/NM domain .- Report to the Theater and other concerned authorities the detection of possible unauthorized physical intrusion.The following measures will ensure that a compromise of a DSN component will be handled and reported properly: verification of the integrity of the hardware, software, communication lines configuration, switch tables (database); performance of an audit trail analysis and evaluation; enforcing the change of all passwords for accessing the DSN component; reporting to the theater and other concerned authorities the detection of possible unauthorized physical intrusion.
STIG Date
Defense Switched Network STIG 2015-01-02

Details

Check Text ( C-7650r1_chk )
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable.
Fix Text (F-7968r1_fix)
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.