UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

When connected to a non-DoD owned network, remote users are trained to either disable the wireless radio or disconnect the network cable when communication is no longer needed or the VPN is disconnected.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19148 SRC-EPT-100 SV-20961r1_rule ECSC-1 Low
Description
Endpoints that are directly connected to public networks are vulnerable to various forms of attack the longer they remain connected. A properly configured VPN adds defense in depth protection. NOTE: Users who are trained and provide documentation (screen-prints) showing compliance with the telework isolation policy are compliant with the requirement.
STIG Date
Remote Access Policy STIG 2015-09-16

Details

Check Text ( C-22782r1_chk )
Verify by inspecting the training material or security checklist.

An automated method where the NIC is disabled may be implemented.
Fix Text (F-19699r1_fix)
Implement automated controls or train users to physically disconnect or disable NICs when no longer connected to the secure VPN.