UCF STIG Viewer Logo

Virtual machines used for application development and testing must not share the same physical host with DoD operational virtual machines.


Overview

Finding ID Version Rule ID IA Controls Severity
V-39672 ENTD0330 SV-51539r1_rule ECSC-1 Medium
Description
Attacks on virtual machines from other VMs through denial of service and other attacks potentially stealing sensitive data such as source code used in application development. It is imperative to keep DoD operational virtual machines on physically separate platforms from test and development virtual machines.
STIG Date
Test and Development Zone B Security Technical Implementation Guide 2015-12-17

Details

Check Text ( C-46827r1_chk )
Review the system plan to determine whether physical hosts are sharing DoD operational and test and development virtual machines.
Fix Text (F-44680r2_fix)
Engineer a solution to use separate physical hosts for DoD operational and T&D virtual machines.