Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19152 | SRC-EPT-020 | SV-20965r1_rule | ECSC-1 | Medium |
Description |
---|
Equipment owned or controlled by non-DoD entities may contain malware or other vulnerabilities which may present a danger to the network. |
STIG | Date |
---|---|
Remote Access Policy STIG | 2015-09-16 |
Check Text ( C-22787r1_chk ) |
---|
Interview the IAO. Ask if remote access equipment, endpoints, and communications equipment is government owned. |
Fix Text (F-19703r1_fix) |
---|
Ensure all equipment used for remote access solutions which process classified information is government owned and managed. |