Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All the network level devices interconnected to the SAN are not located in a secure room with limited access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-6631 | SAN04.008.00 | SV-6751r1_rule | PECF-1 PECF-2 | Medium |
| Description |
|---|
| If the network level devices are not located in a secure area they can be tampered with which could lead to a denial of service if the device is powered off or sensitive data can be compromised by a tap connected to the device. The IAO/NSO will ensure that all the network level devices interconnected to the SAN are located in a secure room with limited access. |
| STIG | Date |
|---|---|
| Storage Area Network STIG | 2019-06-28 |
Details
| Check Text ( C-2485r1_chk ) |
|---|
| The reviewer will interview the IAO/NSO and view the network level devices to verify whether they are located in a secure room with limited access. |
| Fix Text (F-6219r1_fix) |
|---|
| Develop a plan to move the network level devices to a location/room where the can be physically secured in a manner appropriate to the classification level of the data the handle. Obtain CM approval of the plan and then implement the plan moving the devices. |