The network attached KVM switch must be configured to restrict a users access only to the systems they require.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-6711 | KVM03.007.00 | SV-6908r2_rule | ECAN-1 | Low |
| Description |
|---|
| Users accessing ISs they do not need access to can lead to the compromise of sensitive data. The ISSO will ensure the KVM switch is configured to restrict a user’s access to only the systems they require. |
| STIG | Date |
|---|---|
| Keyboard Video and Mouse Switch STIG | 2015-12-09 |
Details
| Check Text ( C-2723r2_chk ) |
|---|
| The reviewer will, with the assistance of the ISSO, try to access a system not allowed to the user signed onto the network attached KVM switch. If the user is able to access any systems, other than required systems, this is a finding. |
| Fix Text (F-6318r1_fix) |
|---|
| Reconfigure the network attached KVM switch to restrict users to systems they need to access. |