Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6701 | KVM02.007.00 | SV-6882r3_rule | DCBP-1 | Medium |
Description |
---|
Tamper evident seals are designed to break if tampered with or show evidence of tampering. They are used to indicate a cabinet has been opened or a cable has been removed, moved or added. For KVM switches attached to ISs of differing classification levels it is necessary to be aware of any potential tampering with the connections. Switching the cables for two ISs could lead to the compromise of sensitive data. Removal of a cable could lead to a denial of service until it is reattached. The ISSO or SA will ensure tamper evident seals are attached to the KVM switch and all IS cables at their attachment points. |
STIG | Date |
---|---|
Keyboard Video and Mouse Switch STIG | 2015-12-09 |
Check Text ( C-2678r4_chk ) |
---|
The reviewer will verify tamper evident seals are attached to the KVM switches and to the IS cable attachment points. If tamper evident seals are not placed on the KVM switch and the IS cable attachment points, this is a finding. For cables, these seals will be placed across the junction between the switch and the cable. For the KVM switch, the seals will be placed across the KVM case joints such that opening the case will break the seal. |
Fix Text (F-6296r3_fix) |
---|
Obtain tamper evident seals and apply them to the KVM switch case joints such that if the case is opened the seal will be broken. Also place them across the junction between the IS cables and the KVM switch so that if a cable is moved or removed the seal will be broken. NSA IAD Protective Technologies has tamper evident products available for use, including seals for RJ45, D-sub, and USB ports. These can be obtained by contacting them either on NIPRNet at ptproducts@radium.ncsc.mil or on SIPRNet at ptproducts@nsa.smil.mil. When ordering, please specify that this is for use on a DoD Information System and the government use version is needed. |