Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-18851 | SRC-NAC-200 | SV-20616r1_rule | High |
Description |
---|
Remote access connections that bypass established security controls should be only in cases of administrative need. These procedures and use cases must be approved by the DAA. |
STIG | Date |
---|---|
Remote Access Policy STIG | 2016-03-28 |
Check Text ( C-22631r1_chk ) |
---|
Verify that if the bypass procedure has been DAA approved by checking the documentation. |
Fix Text (F-19545r1_fix) |
---|
Document approval by the DAA for all access control bypass procedures. |