UCF STIG Viewer Logo

Site personnel have not received the proper security training and/or are not familiar with the documents located in the security library.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7980 DSN16.02 SV-8466r1_rule ECSC-1 PRTN-1 Medium
Description
Requirement: The IAO will ensure that personnel are familiar with the security practices outlined by applicable documents found in the site’s library and have received the appropriate security training.A personnel security program, combined with other protective measures, make up a security plan to keep DSN assets safe from intrusion or other types of disruptions. The DSN Security Guide describes the personnel security requirements for various types of individuals. To be effective, any security plan requires some type of familiarization and training for its users and participants.
STIG Date
Defense Switched Network (DSN) STIG 2017-01-19

Details

Check Text ( C-7361r1_chk )
Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.
Fix Text (F-7555r1_fix)
The ISSO/IAO will establish a security practices plan, as outlined in the DSN Security Guide, to ensure that personnel are familiar with the security practices outlined by applicable documents found in the site’s library and have received the appropriate security training.