Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IAO does not conduct and document self-inspections of the DSN components at least semi-annually for security risks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-7921 | DSN01.01 | SV-8407r1_rule | ECMT-1 ECMT-2 ECSC-1 | Low |
| Description |
|---|
| Requirement: The IAO will ensure that self-inspections of the telephone components, are conducted and documented for security risks at least semi annually. If periodic security self-inspections are not conducted, vulnerabilities could go unnoticed during day to day operations resulting in an unacceptable level of risk that could lead to possible compromise. By conducting security self-inspections, security risks can be identified, analyzed, and if not mitigated, appropriately addressed. |
| STIG | Date |
|---|---|
| Defense Switched Network (DSN) STIG | 2015-08-11 |
Details
| Check Text ( C-7302r1_chk ) |
|---|
| Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable |
| Fix Text (F-7965r1_fix) |
|---|
| Establish policy and procedures to ensure that, at a minimum, semi-annual security self-inspections are conducted. |