Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-24177 | STO-DRV-021 | SV-29818r1_rule | High |
Description |
---|
The exploitation of this vulnerability will directly and immediately result in loss of, unauthorized disclosure of, or access to classified data or materials. An NSA-approved, Type 1 solution includes the hardware, software, and proof of coordination/approval with NSA for the level of classified processed by the external storage solution. |
STIG | Date |
---|---|
Removable Storage and External Connections Security Technical Implementation Guide | 2016-12-16 |
Check Text ( C-30145r1_chk ) |
---|
1. Verify use of an NSA-approved solution which is approved for use for the level of classified data stored on the device. This solution will be implemented in consultation with NSA and will include the hardware, software, and configuration required for secure implementation of the solution. 2. Verify use of an NSA-certified, Type 1 encryption module for protecting data-at-rest. |
Fix Text (F-26934r1_fix) |
---|
Use an National Security Agency (NSA), Type 1 certified solution when storing classified information on USB flash media and other removable storage devices. |