UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Privilege authorization, Direct Inward System Access and/or Voice Mail special authorization codes or individually assigned PINS are not changed when compromised.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7944 DSN07.04 SV-8430r1_rule ECSC-1 Low
Description
Requirement: The IAO will ensure that all Voice Mail (and/or Privilege authorization, Direct Inward System Access) special authorization codes or individually assigned PINs are changed immediately if it is determined that they are compromised. If special authorization codes or individually assigned PINS are determined to be compromised, all access control to this feature is lost. Furthermore, this can lead to call fraud and abuse. As with any access control mechanism, once compromised, changes should be implemented to ensure secure access.
STIG Date
Defense Switched Network (DSN) STIG 2015-06-30

Details

Check Text ( C-7325r1_chk )
Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.
Fix Text (F-7968r1_fix)
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.