A network attached KVM switch used to administer ISs is not attached to an “out-of-band” network.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-6705 | KVM03.001.00 | SV-6900r1_rule | DCBP-1 | High |
| Description |
|---|
| If a network attached KVM switch is attached to an out-of-band network there is less opportunity for a malicious user to compromise the interface and create a denial of service by issuing disruptive commands to a server. The IAO or SA will ensure a network attached KVM switch used to administer ISs is connected to an “out-of-band” network. |
| STIG | Date |
|---|---|
| Keyboard Video and Mouse Switch STIG | 2014-08-04 |
Details
| Check Text ( C-2709r1_chk ) |
|---|
| The reviewer will interview the IAO or SA to verify that a network attached KVM switch used to administer ISs is connected to an “out of band” network. |
| Fix Text (F-6310r1_fix) |
|---|
| Develop a plan that will attach all network attached KVM switches used to administer ISs to a out-of-band network. Obtain CM approval and implement the plan. |