UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Ensure remote endpoints that are owned, controlled, and/or managed by DoD for processing or accessing DoD sensitive, non-public assets and comply the requirements.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19140 SRC-EPT-050 SV-20953r1_rule ECSC-1 Medium
Description
Unmanaged endpoints must be configured according to the organization's security policy and standards before these devices can be allowed access to even the most non-sensitive areas of the network such as the DMZ. Unmanaged endpoints will never be allowed to traverse or access to the protected inner enclave regardless of configuration.
STIG Date
Remote Access Policy STIG 2015-09-16

Details

Check Text ( C-22760r1_chk )
Inspect a copy of the site’s remote user agreement and Service Level Agreements. Verify one of these documents include the requirements as follows:

– Are approved by the DAA;
– Use devices that are capable of complying with applicable STIG requirements to the greatest extent possible (i.e., comply with all CAT 1 requirements applicable to the OS and other technology used);
1. The owner signs forfeiture agreement in case of a security incident;
2. The security policy on the device is actively scanned prior to allowing access to the DoD Enclave by the IAO; and
3. Full access to the DoD internal protected enclave is not permitted. Access will be restricted to a limited access subnet.
Fix Text (F-19691r1_fix)
If unmanaged endpoints are used, ensure required documentation and agreements are completed in compliance with this requirement