Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-8341 | DSN03.02 | SV-8836r1_rule | Low |
Description |
---|
Requirement: The DSN PMO and/or site command/management will ensure that “compliance with all applicable STIGs” requirements and validation measures are added to specifications and contracts for commercially leased or procured telecommunications services or systems.STIG compliance is DoD policy and must be accomplished to the greatest extent possible so that any information system may be Certified and Accredited, operated, and connected to other systems if applicable. Placing this requirement in procurement contracts puts the vendor on notice that their product or solution must support these DoD policy requirements. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2017-01-19 |
Check Text ( C-7650r1_chk ) |
---|
Interview the IAO and/or SA to confirm compliance through discussion, review of site policy and procedures, diagrams, documentation, configuration files, logs, records, DAA/other approvals, etc as applicable. |
Fix Text (F-7968r1_fix) |
---|
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy. |