The DAA will approve all remote access connections that bypass the policy enforcment/assessment solution.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18851 | SRC-NAC-200 | SV-20616r1_rule | High |
| Description |
|---|
| Remote access connections that bypass established security controls should be only in cases of administrative need. These procedures and use cases must be approved by the DAA. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22631r1_chk ) |
|---|
| Verify that if the bypass procedure has been DAA approved by checking the documentation. |
| Fix Text (F-19545r1_fix) |
|---|
| Document approval by the DAA for all access control bypass procedures. |