Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-30971 | CS-04.01.06 | SV-41013r2_rule | DCSR-3 ECCT-2 PESS-1 | High |
Description |
---|
A PDS that is not constructed and configured as required could result in the undetected interception of classified information. A continuously viewed PDS may not be in a physically hardened carrier and the primary means of protection is continuous observation and control of the unencrypted transmission line. If not maintained under continuous observation an attacker (insider or external) could have an opportunity to tap and intercept unencrypted communications on the exposed cable. |
STIG | Date |
---|---|
Traditional Security | 2013-07-11 |
Check Text ( C-39632r6_chk ) |
---|
Interior or Exterior PDS: Continuously viewed Carrier. This is one of three types of Hardened Distribution Systems allowed IAW the NSTISSI 7003. The other two types are Hardened Carrier or Alarmed Carrier. Check to ensure: 1. The transmission line is under continuous observation, 24 hours per day, including when operational. (CAT I finding) 2. It is separated from all non-continuously viewed circuits ensuring an open field of view. (CAT III finding) |
Fix Text (F-34782r5_fix) |
---|
Interior or Exterior PDS: Continuously viewed Carrier. This is one of three types of Hardened Distribution Systems allowed IAW the NSTISSI 7003. The other two types are Hardened Carrier or Alarmed Carrier. There are two requirements that must be met for this type of "hardened distribution system": 1. The transmission line must be under continuous observation, 24 hours per day (including when operational). 2. The transmission line must be separated from all non-continuously viewed circuits ensuring an open field of view. |