An A/B switch must not be used to share a peripheral device between two or more users.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6757	KVM04.004.00	SV-6979r2_rule	DCBP-1	Medium

Description
When using an A/B switch to switch a peripheral between two or more users the risk always exists where the peripheral is connected to the wrong IS. An example would be a scanner shared between two systems using an A/B switch. If the user presses the scan button when the A/B switch is pointed to a different IS than the user intended, the document would be scanned into the wrong system. This could lead to the compromise of sensitive data. The ISSO or SA will ensure an A/B switch is not used to share a peripheral device between two or more users.

Description

When using an A/B switch to switch a peripheral between two or more users the risk always exists where the peripheral is connected to the wrong IS. An example would be a scanner shared between two systems using an A/B switch. If the user presses the scan button when the A/B switch is pointed to a different IS than the user intended, the document would be scanned into the wrong system. This could lead to the compromise of sensitive data. The ISSO or SA will ensure an A/B switch is not used to share a peripheral device between two or more users.

STIG	Date
Keyboard Video and Mouse Switch STIG	2015-12-09

Details

Check Text ( C-2899r2_chk )
The reviewer will interview the ISSO or SA to verify that A/B switches are not being used to share peripherals between two users. If an A/B switch is being used to share peripherals between users, this is a finding.

Fix Text (F-6405r1_fix)
Develop a plan to remove all A/B switches that are being used to switch peripherals between two or more users and to acquire new peripherals to support documented needs. Obtain CM approval of the plan and execute the plan.