Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The connection between the Channel Service Unit/Data Service Unit (CSU/DSU) and the Local Exchange Carriers (LEC) data service jack (i.e., demarc) as well as any service provider premise equipment must be located in a secure environment.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-251334 | NET0140 | SV-251334r805957_rule | Low |
| Description |
|---|
| DOD leased lines carry an aggregate of sensitive and non-sensitive data; therefore unauthorized access must be restricted. Inadequate cable protection can lead to damage and denial of service attacks against the site and the LAN infrastructure. |
| STIG | Date |
|---|---|
| Network Infrastructure Policy Security Technical Implementation Guide | 2022-10-18 |
Details
| Check Text ( C-54769r805955_chk ) |
|---|
| Review the network topology to determine external connections and inspect location where CSU/DSUs and data service jacks reside. If these components are not in a secured environment, this is a finding. |
| Fix Text (F-54722r805956_fix) |
|---|
| Move all critical communications to controlled access areas. Controlled access areas in this case means controlled restriction to authorize site personnel, i.e., dedicated communications rooms or locked cabinets. This is an area afforded entry control at a security level commensurate with the operational requirement. This protection will be sufficient to protect the network from unauthorized personnel. The keys to the locked cabinets and dedicated communications rooms will be controlled and only provided to authorized network/network security individuals. |