Client agents which have been customized with DoD restricted, non-public information or information which may divulge network details (e.g., internal IP ranges or network host names) will not be installed on unmanaged, non-government client endpoints such as kiosks and public computers.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18843 | SRC-NAC-150 | SV-20596r1_rule | Medium |
| Description |
|---|
| Unmanaged clients such as partner or contractor-owned devices should not contain restricted government informaiton. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22600r1_chk ) |
|---|
| Interview the site personnel. If unmanaged endpoints are permitted access, ask if the agent is preconfigued with IP address ranges and other government information. |
| Fix Text (F-19518r1_fix) |
|---|
| Ensure unmanaged endpoints, when allowed, are not preconfigued with agents containing sensitive network access information such as IP address ranges. |