Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Virtual machines used for application development and testing must not share the same physical host with DoD operational virtual machines.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-39672 | ENTD0330 | SV-51539r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Attacks on virtual machines from other VMs through denial of service and other attacks potentially stealing sensitive data such as source code used in application development. It is imperative to keep DoD operational virtual machines on physically separate platforms from test and development virtual machines. |
| STIG | Date |
|---|---|
| Test and Development Zone A Security Technical Implementation Guide | 2018-09-17 |
Details
| Check Text ( C-46827r1_chk ) |
|---|
| Review the system plan to determine whether physical hosts are sharing DoD operational and test and development virtual machines. |
| Fix Text (F-44680r2_fix) |
|---|
| Engineer a solution to use separate physical hosts for DoD operational and T&D virtual machines. |