UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Classified Reproduction - Following guidance for System to Media Transfer of Data from systems connected specifically to the SIPRNet In-Accordance-With (IAW) US Cybercom CTO 10-133 .


Overview

Finding ID Version Rule ID IA Controls Severity
V-31996 IS-10.02.01 SV-42295r2_rule PESP-1 PESS-1 Medium
Description
Failure to follow guidance for disabling removable media drives on devices connected to the SIPRNet or if approved by the local DAA failure to follow US CYBERCOM procedures for using removable media on SIPRNet could result in the loss or compromise of classified information.
STIG Date
Traditional Security 2013-07-11

Details

Check Text ( C-40636r4_chk )
General guidance: Paper copies, electronic files, and other material containing classified information shall be reproduced only when necessary for accomplishing the organizations mission or for complying with applicable statutes or Directives. Personnel reproducing classified information must be knowledgeable of the procedures for classified reproduction and aware of the risks involved with the specific reproduction equipment and media being used and the appropriate countermeasures they are required to take. Reproduced material is to be placed under the same accountability and control requirements as applied to the original material. Classified material is to be reproduced only on approved and when applicable, properly
accredited systems.

This check concerns ONLY reproduction and/or transfer of classified data using all forms of removable media on SIPRNet connected devices or systems.

Check to ensure that US Cybercom Communications Tasking Order (CTO) 10-133 is being complied with as follows:

1. Ensure that the write capability for all possible removable media is disabled as a default setting on all SIPRNet connected machines.

2. Ensure that write settings are only allowed when specifically approved by using the HBSS Device Control Module (DCM).

3. Ensure the system DAA has specifically approved all persons authorized to transfer data from SIPRNet connected system components.

4. Ensure the IAM maintains a list of all persons authorized by the DAA to transfer data from the SIPRNet.

5. Ensure there are written procedures approved by the DAA for use of removable media on SIPRNet.

NOTE: Coordination with Technical Reviewers may be required to determine all of the information outlined above.

TACTICAL ENVIRONMENT: This check is applicable in a fixed operational facility in a tactical environment if classified equipment is used or documents or media are created/extracted from the SIPRNet. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.
Fix Text (F-35930r1_fix)
General guidance to consider: Paper copies, electronic files, and other material containing classified information shall be reproduced only when necessary for accomplishing the organizations mission or for complying with applicable statutes or Directives. Personnel reproducing classified information must be knowledgeable of the procedures for classified reproduction and aware of the risks involved with the specific reproduction equipment and media being used and the appropriate countermeasures they are required to take. Reproduced material is to be placed under the same accountability and control requirements as applied to the original material. Classified material is to be reproduced only on approved and when applicable, properly
accredited systems.

This check concerns ONLY reproduction and/or transfer of classified data using all forms of removable media on SIPRNet connected devices or systems.

Ensure that US Cybercom Communications Tasking Order (CTO) 10-133 is being complied with as follows:

1. Ensure that the write capability for all possible removable media is disabled as a default setting on all SIPRNet connected machines.

2. Ensure that write settings are only allowed when specifically approved by using the HBSS Device Control Module (DCM).

3. Ensure the system DAA has specifically approved all persons authorized to transfer data from SIPRNet connected system components.

4. Ensure the IAM maintains a list of all persons authorized by the DAA to transfer data from the SIPRNet.

5. Ensure there are written procedures approved by the DAA for use of removable media on SIPRNet.