Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-30940 | CS-04.02.01 | SV-40982r3_rule | DCSR-3 ECCT-2 PESS-1 | Medium |
Description |
---|
A PDS that is not inspected and monitored as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the loss or compromise of classified. |
STIG | Date |
---|---|
Traditional Security | 2013-07-11 |
Check Text ( C-39600r2_chk ) |
---|
Check to ensure: (1) The PDS is visible for inspection. Whenever possible it is not to be installed behind walls, below raised floors, or above the ceiling. Transitioning walls, floors or ceilings between rooms is the only allowance for interior PDS to not be completely visible. PDS carrier or access points must not be installed directly against walls or other surfaces so that the entire 360 degree surface of the PDS can be viewed. (2) If the PDS is not visible ensure it (the carrier itself) is alarmed. NOTE: While alarming the space surrounding the PDS mitigates vulnerability - it does not meet the standard. |
Fix Text (F-34750r2_fix) |
---|
1. The PDS must be installed so that it is completely visible for inspection. Whenever possible it is not to be installed behind walls, below raised floors, or above the ceiling. Transitioning walls, floors or ceilings between rooms is the only allowance for interior PDS to not be completely visible. 2. If the PDS is not visible ensure it (the carrier itself) is alarmed. NOTE: While alarming the space surrounding the PDS mitigates vulnerability - it does not meet the standard. |