Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-7994 | DSN18.09 | SV-8480r2_rule | Low |
Description |
---|
FIPS 140-2 validated encryption mechanism is used to provide security of all data streams between the management port of the DSN component and a remote management station whether connected via a modem or network. The most secure authenticated session to any remote system is accomplished via a secure connection. Encryption provides confidentiality and should be used, if possible, to secure remote access connections to DSN administration/maintenance ports. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2017-01-19 |
Check Text ( C-61961r1_chk ) |
---|
Review site documentation to confirm FIPS 140-2 validated link encryption is used end-to-end for all data streams connecting to remote access ports of the telephone switch. If FIPS 140-2 validated link encryption is not used for data streams connecting to remote access ports of the telephone switch, this is a finding. |
Fix Text (F-7569r2_fix) |
---|
Implement end-to-end FIPS 140-2 validated link encryption for all data streams connecting to remote access ports of the telephone switch. |