The information system must provide the capability to remotely view/hear all content related to an established user session in real time.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-27263 | SRG-NET-NA | SV-34562r1_rule | Medium |
| Description |
|---|
| Users that establish sessions with network elements are administrators who have a session with the device for the sole purpose of administrative access. All in-band access sessions must be encrypted (SSH, HTTPS, etc.); hence, there is no way to capture and view the traffic remotely. There for this requirement would not be applicable. |
| STIG | Date |
|---|---|
| Network Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |