Servers and other hosts are not compliant with applicable Operating System (OS) STIG requirements.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6622	SAN04.005.00	SV-6742r1_rule	DCCS-1 DCCS-2	Medium

Description
SAN servers and other hosts are hardware software combinations that actually run under the control of a native OS found on the component. This OS may be UNIX, LNIX, Windows, etc. The underlying OS must be configured to be compliant with the applicable STIG to ensure that they do not insert known vulnerabilities into the DOD network infrastructure. The IAO/NSO will ensure that servers and other hosts are compliant with applicable Operating System (OS) STIG requirements.

Description

SAN servers and other hosts are hardware software combinations that actually run under the control of a native OS found on the component. This OS may be UNIX, LNIX, Windows, etc. The underlying OS must be configured to be compliant with the applicable STIG to ensure that they do not insert known vulnerabilities into the DOD network infrastructure. The IAO/NSO will ensure that servers and other hosts are compliant with applicable Operating System (OS) STIG requirements.

STIG	Date
Storage Area Network STIG	2019-06-28

Details

Check Text ( C-2469r1_chk )
The reviewer will interview the IAO/NSO and view the VMS to verify that servers and other hosts are compliant with applicable Operating System (OS) STIG requirements.

Fix Text (F-6211r1_fix)
Perform a self assessment using the applicable OS checklists or scripts on any server or host in the SAN that has not been reviewer or request a formal review from FSO.