DoD voice/video/RTS information system assets and vulnerabilities are not tracked and managed using any vulnerability management system as required by DoD policy.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-8339 | DSN02.05 | SV-8834r1_rule | Low |
| Description |
|---|
| Requirement: The IAO will ensure that all systems including switches, OAM&P systems, auxiliary/adjunct, and peripheral systems connected to the DSN along with their SAs are registered and tracked with an asset and vulnerability management system similar to VMS. |
| STIG | Date |
|---|---|
| Defense Switched Network (DSN) STIG | 2017-01-19 |
Details
| Check Text ( C-7650r1_chk ) |
|---|
| Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable. |
| Fix Text (F-7968r1_fix) |
|---|
| Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy. |