The option to use the “callback” feature for remote access is not being used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-7993 | DSN18.08 | SV-8479r1_rule | ECSC-1 | Low |
| Description |
|---|
| Requirement: The IAO will ensure that modem access to remote management ports incorporates the “callback” feature where technically feasible. The callback feature ensures that pre-authorized user directory numbers are being used to access the DSN components. Callback features are an attempt to protect the network by providing a service that disconnects an incoming call and reestablishes the call, dialing back to a predetermined number. Upon establishment of the callback connection, the communications device will require the user to authenticate to the system. This feature enhances security authentication access to the system. If available, this feature should be used. This feature is especially important for remote unmanned switch sites where modem connections can not be physically disconnected when not in use. |
| STIG | Date |
|---|---|
| Defense Switched Network STIG | 2015-01-02 |
Details
| Check Text ( C-7302r1_chk ) |
|---|
| Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable |
| Fix Text (F-7568r1_fix) |
|---|
| > The ISSO/IAO should ensure that all DSN components are using the callback feature, if this feature is available. |