Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Documented procedures do not exist that will prepare for a suspected compromise of a DSN component.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-7972 | DSN14.02 | SV-8458r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Requirement: The IAO will ensure that compromise recovery procedures are documented that will accomplish the following: - Verify the integrity of the hardware, software, and communication lines configuration.- Verify the integrity of the switch tables (database). - Perform an audit trail analysis and evaluation. - Enforce the change of all passwords for accessing the A/NM domain .- Report to the Theater and other concerned authorities the detection of possible unauthorized physical intrusion.The following measures will ensure that a compromise of a DSN component will be handled and reported properly: verification of the integrity of the hardware, software, communication lines configuration, switch tables (database); performance of an audit trail analysis and evaluation; enforcing the change of all passwords for accessing the DSN component; reporting to the theater and other concerned authorities the detection of possible unauthorized physical intrusion. |
| STIG | Date |
|---|---|
| Defense Switched Network (DSN) STIG | 2015-08-11 |
Details
| Check Text ( C-7650r1_chk ) |
|---|
| Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable. |
| Fix Text (F-7968r1_fix) |
|---|
| Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy. |