Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-31897 | IS-02.02.09 | SV-42194r2_rule | ECAT-2 ECCD-1 | Medium |
Description |
---|
Persons not vetted to at least the same level of classification residing on the information systems being protected by the ACS could gain access to the ACS transmission line and tamper with it to facilitate surreptitious access to the secure space. Proper line supervision and physical protection within conduit will enable detection of line tampering. Such failure to meet standards for line supervision and physical protection could result in the loss or compromise of classified material. |
STIG | Date |
---|---|
Traditional Security | 2013-07-11 |
Check Text ( C-40606r5_chk ) |
---|
Check to ensure Access Control Systems (ACS) protecting SIPRNet assets that use transmission lines to carry access authorizations, personal identification data, or verification data between devices or equipment, which are located outside at least a Secret Controlled Access Area (CAA) have line supervision and are physically protected within conduit. TACTICAL ENVIRONMENT: This check is applicable where Vaults/Secure Rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used. |
Fix Text (F-35835r3_fix) |
---|
Ensure Access Control Systems (ACS) that use transmission lines to carry access authorizations, personal identification data, or verification data between devices or equipment, which are located outside at least a Secret Controlled Access Area (CAA) have line supervision and are physically protected within conduit. |