Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-66797 | SRG-NET-000512-VVEP-00058 | SV-81287r1_rule | Medium |
Description |
---|
Unauthorized third-party software is challenging the security posture of DoD. Most established vendors have developed a patch management process that prevents risk, resulting in an estimated 80 percent of threats arising from third-party software. Preventing users from installing third-party software limits organizational exposure. Additionally, preventing installation of untrusted software further reduces risk to the network. Vendors that prevent installation of all third-party software meet the intent of this requirement. |
STIG | Date |
---|---|
Voice Video Endpoint Security Requirements Guide | 2018-07-03 |
Check Text ( C-67447r1_chk ) |
---|
Verify the Voice Video Endpoint prevents installation of untrusted third-party software. If the Voice Video Endpoint does not prevent installation of untrusted third-party software, this is a finding. |
Fix Text (F-72897r1_fix) |
---|
Configure the Voice Video Endpoint to prevent installation of untrusted third-party software. |