Information Assurance - NIPRNET Connection Approval (CAP)
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-31090 | IA-08.02.01 | SV-41177r2_rule | DCID-1 EBCR-1 | Medium |
| Description |
|---|
| Failure to meet security standards and have approval before connecting to the NIPRNET can result in a vulnerability to the DISN. |
| STIG | Date |
|---|---|
| Traditional Security | 2013-07-11 |
Details
| Check Text ( C-39723r6_chk ) |
|---|
| 1. Check the NIPRNet connection approval package. Conduct a cursory review for any traditional security issues. 2. Ensure the approval is current. The approval must come from the Unclassified Connection Approval Office (UCAO). TACTICAL ENVIRONMENT: The check is applicable. The ATO and associated documentation should be found in a fixed HQ location where the IAM/IAO are located. When possible, documentation should be requested/sought before departing on trips to tactical locations. Copies sent to the reviewers email (NIPR or SIPR depending on classification of document) can be used to validate compliance. |
| Fix Text (F-34921r3_fix) |
|---|
| 1. The NIPRNet connection approval package must be complete and accurate and the approval to connect (ATC) or Interim Approval to Connect (IATC) must be current. 2. The approval must come from the DISA Unclassified Connection Approval Office (UCAO). |