Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-7921 | DSN01.01 | SV-8407r1_rule | Low |
Description |
---|
Requirement: The IAO will ensure that self-inspections of the telephone components, are conducted and documented for security risks at least semi annually. If periodic security self-inspections are not conducted, vulnerabilities could go unnoticed during day to day operations resulting in an unacceptable level of risk that could lead to possible compromise. By conducting security self-inspections, security risks can be identified, analyzed, and if not mitigated, appropriately addressed. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2017-01-19 |
Check Text ( C-7302r1_chk ) |
---|
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable |
Fix Text (F-7965r1_fix) |
---|
Establish policy and procedures to ensure that, at a minimum, semi-annual security self-inspections are conducted. |