UCF STIG Viewer Logo

The Zone D test and development environment must be physically separate and isolated from any DoD operational network.


Overview

Finding ID Version Rule ID IA Controls Severity
V-39659 ENTD0200 SV-51526r2_rule High
Description
Systems found in the Zone D test and development environment are typically non-IA-compliant test systems that include hardware, software, or development systems. These systems typically do not follow the appropriate best security practices. Therefore, if they are connected to any operational network, it is possible to infect live data or degrade infrastructure in an operational network.
STIG Date
Test and Development Zone D Security Technical Implementation Guide 2018-09-17

Details

Check Text ( C-46814r3_chk )
Review the organization's network diagrams for the Zone D test and development environment and work with the network reviewer to determine whether the environment is physically separate and isolated from any DoD operational network. If physical separation or isolation is not shown for the Zone D test and development environment on the network diagrams, this is a finding.
Fix Text (F-44667r3_fix)
Physically separate and isolate the Zone D test and development environment from any DoD operational network.