After remediation, unmanaged (non-DoD owned or controlled) endpoints will not be given access to network resources, but will be forced to reapply via the network policy assessment server and be reassessed for compliance.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

After remediation, unmanaged (non-DoD owned or controlled) endpoints will not be given access to network resources, but will be forced to reapply via the network policy assessment server and be reassessed for compliance.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18854	SRC-NAC-230	SV-20620r1_rule	ECSC-1	Medium

Description
After initial remediation, unmanaged devices should be tested again prior to authorization and admittance. This will mitigate the risk that the remediation did not completely eliminate the cause of the initial assessment failure.

STIG	Date
Remote Access Policy STIG	2015-09-16

Details

Check Text ( C-22635r1_chk )
Verify configuration of the enforcement server/solution. Check to see if unmanaged devices are set to be reassessed once remediation actions are completed.

Fix Text (F-19549r1_fix)
Ensure that unmanaged devices are set to be reassessed once remediation actions are completed.