Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19142 | SRC-EPT-060 | SV-20955r1_rule | Low |
Description |
---|
Lack of user training and understanding of responsibilities to safeguard the network are a significant vulnerability to the enclave. Once policies are established, users must be trained to these requirements or the risk to the network remains. |
STIG | Date |
---|---|
Remote Access Policy STIG | 2016-03-28 |
Check Text ( C-22762r1_chk ) |
---|
Inspect a copy of the site’s security checklist, if available. This checklist may be incorporated into the user agreement or the user training. The checklist is different from the user agreement in that it incorporates all of the user's security responsibilities concerning remote computing and network security in general. Verify that documentation exists to show that users are required to read and sign this checklist or training material. |
Fix Text (F-19693r1_fix) |
---|
Ensure a checklist or detailed user training is used to inform the users of their security responsibilities. |