Client agents which have been customized with DoD restricted, non-public information or information which may divulge network details (e.g., internal IP ranges or network host names) will not be installed on unmanaged, non-government client endpoints such as kiosks and public computers.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Client agents which have been customized with DoD restricted, non-public information or information which may divulge network details (e.g., internal IP ranges or network host names) will not be installed on unmanaged, non-government client endpoints such as kiosks and public computers.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18843	SRC-NAC-150	SV-20596r1_rule	ECSC-1	Medium

Description
Unmanaged clients such as partner or contractor-owned devices should not contain restricted government informaiton.

STIG	Date
Remote Access Policy STIG	2015-09-16

Details

Check Text ( C-22600r1_chk )
Interview the site personnel. If unmanaged endpoints are permitted access, ask if the agent is preconfigued with IP address ranges and other government information.

Fix Text (F-19518r1_fix)
Ensure unmanaged endpoints, when allowed, are not preconfigued with agents containing sensitive network access information such as IP address ranges.