UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Insufficient security clearance held by an “operator/facilitator/administrator” performing remote monitoring activities during a VTC session/conference.


Overview

Finding ID Version Rule ID IA Controls Severity
V-17681 RTS-VTC 1168.00 SV-18855r1_rule PRMP-1 PRMP-2 PRNK-1 Medium
Description
Administrators or “operators/facilitators” that perform monitoring as discussed in this section must have an appropriate security clearance commensurate with or higher than the classification level of the system and/or the information to which they are exposed.
STIG Date
Video Services Policy STIG 2015-07-01

Details

Check Text ( C-18951r1_chk )
[IP][ISDN]; Interview the Administrator to validate compliance with the following requirement:

Ensure administrators that are required to monitor a conference or conferences possess a security clearance that is the same as or higher than the VTC system and the conference information to which they are exposed.

Verify with IAO that conference call operator/facilitator has security clearance commensurate with or higher than the classification level of the system and/or the information to which they are exposed.
Fix Text (F-17578r1_fix)
[IP][ISDN]; Perform the following tasks:

Ensure administrators that are required to monitor a conference or conferences possess a security clearance that is the same as or higher than the VTC system and the conference information to which they are exposed.