Administration terminals are used for other day-to-day functions (i.e. email, web browsing, etc).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-7932	DSN04.03	SV-8418r1_rule	ECSC-1	Medium

Description
Requirement: The IAO will ensure that OAM&P / NM and CTI system workstations are not used for other day-to-day functions (i.e., e-mail, web browsing, etc). Dedicating DSN administration terminals to their intended purpose and not using them for day-to-day functions such as email and web browsing, will reduce the risk of unauthorized access by those that could achieve entry by exploiting an existing IP based vulnerability. Not only should DSN administration terminals connect to DSN switching systems via a controlled network segment, the terminal should also be dedicated for administration purposes only.

Description

Requirement: The IAO will ensure that OAM&P / NM and CTI system workstations are not used for other day-to-day functions (i.e., e-mail, web browsing, etc). Dedicating DSN administration terminals to their intended purpose and not using them for day-to-day functions such as email and web browsing, will reduce the risk of unauthorized access by those that could achieve entry by exploiting an existing IP based vulnerability. Not only should DSN administration terminals connect to DSN switching systems via a controlled network segment, the terminal should also be dedicated for administration purposes only.

STIG	Date
Defense Switched Network (DSN) STIG	2017-01-19

Details

Check Text ( C-7690r1_chk )
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable.

Fix Text (F-7507r1_fix)
Ensure dedicated terminals and workstations are used to administer DSN switching systems to that purpose only. Do not administer DSN switching systems from computer terminals that are used for day-to-day functions (i.e. email, web browsing, etc).