After remediation, unmanaged (non-DoD owned or controlled) endpoints will not be given access to network resources, but will be forced to reapply via the network policy assessment server and be reassessed for compliance.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18854 | SRC-NAC-230 | SV-20620r1_rule | Medium |
| Description |
|---|
| After initial remediation, unmanaged devices should be tested again prior to authorization and admittance. This will mitigate the risk that the remediation did not completely eliminate the cause of the initial assessment failure. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22635r1_chk ) |
|---|
| Verify configuration of the enforcement server/solution. Check to see if unmanaged devices are set to be reassessed once remediation actions are completed. |
| Fix Text (F-19549r1_fix) |
|---|
| Ensure that unmanaged devices are set to be reassessed once remediation actions are completed. |