UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

System Administrators (SAs) responsible for DSN information systems are not registered with the DISA VMS.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7925 DSN02.02 SV-8411r1_rule ECND-1 ECND-2 ECSC-1 Low
Description
Requirement: The IAO will ensure that all Switch and System Administrators (SAs) responsible for VMS registered DSN critical assets will also be registered with the VMS. This includes non DISA personnel responsible for TSs or MFSs owned and operated by DoD components Exception: This does not apply to SAs that are ONLY responsible for systems owned, operated, and maintained by DoD components other than DISA.The DISA/DoD VMS in conjunction with JTF-GNO sends out notifications on vulnerabilities (IAVMs) as they are discovered in commercial and military information infrastructures. If DSN assets and their SAs are not registered with the DISA/DoD VMS, administrators will not be notified of important vulnerabilities such as viruses, denial of service attacks, system weaknesses, back doors and other potentially harmful situations.
STIG Date
Defense Switched Network (DSN) STIG 2015-06-30

Details

Check Text ( C-7306r1_chk )
Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.
Fix Text (F-7989r1_fix)
Comply with policy. Register all assets and their SAs in the DISA/DoD VMS that are required to be registered.