The KVM switch is not physically protected in accordance with the requirements of the highest classification for any IS connected to the KVM switch.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6677	KVM01.003.00	SV-6825r1_rule	PECF-1 PECF-2	High

Description
IF the KVM switch is not physically protected in accordance with the requirements of the highest classification for any IS connected to the KVM switch, the KVM switch can be tampered with leading to the compromise of sensitive data or a denial of service caused by the disruption of the systems the KVM switch is connected. The IAO or SA will ensure that the KVM switch is physically protected in accordance with the requirements of the highest classification for any IS connected to the KVM switch.

Description

IF the KVM switch is not physically protected in accordance with the requirements of the highest classification for any IS connected to the KVM switch, the KVM switch can be tampered with leading to the compromise of sensitive data or a denial of service caused by the disruption of the systems the KVM switch is connected. The IAO or SA will ensure that the KVM switch is physically protected in accordance with the requirements of the highest classification for any IS connected to the KVM switch.

STIG	Date
Keyboard Video and Mouse Switch STIG	2014-08-04

Details

Check Text ( C-2605r1_chk )
The reviewer will check the location of the KVM switch. Verify that it is located in area that is secured in the same manner as required of the IS with the highest classification level.

Fix Text (F-6259r1_fix)
Develop a plan to move the KVM switch to a location that is physically protected in accordance with the requirements of the highest classification for any IS connected to the KVM switch. Obtain CM approval for the plan and implement the plan.