Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-259899 | SRG-VOIP-000190 | SV-259899r948743_rule | Low |
Description |
---|
Committee on National Security Systems Advisory Memorandum (CNSSAM) TEMPEST/01-13, RED/BLACK Installation Guidance, provides criteria for the installation of electronic equipment, cabling, and facility support for the processing of secure information. National policy requires that systems and facilities processing NSI must be reviewed by a Certified TEMPEST Technical Authority (CTTA) to achieve TEMPEST security. The RED/BLACK guidance contained in TEMPEST/01-13 will be considered by the CTTA along with other measures (e.g., TEMPEST Zoning, TEMPEST-suppressed equipment and shielding) to determine the most cost-effective countermeasures to achieve TEMPEST security. Only those RED/BLACK criteria specifically identified by the CTTA will be implemented. |
STIG | Date |
---|---|
Enterprise Voice, Video, and Messaging Policy Security Requirements Guide | 2024-03-12 |
Check Text ( C-63630r946616_chk ) |
---|
Review the documentation to determine if the A/B, A/B/C, or A/B/C/D switch is TEMPEST certified. Review TEMPEST certification documentation provided by a CTTA or the vendor to determine if the switch is TEMPEST certified. If the A/B, A/B/C, or A/B/C/D switch is not on the list, or satisfactory documentation is not provided, this is a finding. |
Fix Text (F-63537r946617_fix) |
---|
Obtain and install a TEMPEST-certified A/B, A/B/C, or A/B/C/D switch. |