UCF STIG Viewer Logo

The Voice Video Endpoint must prevent installation of untrusted third-party software.


Overview

Finding ID Version Rule ID IA Controls Severity
V-206804 SRG-NET-000512-VVEP-00058 SV-206804r604140_rule Medium
Description
Unauthorized third-party software is challenging the security posture of DoD. Most established vendors have developed a patch management process that prevents risk, resulting in an estimated 80 percent of threats arising from third-party software. Preventing users from installing third-party software limits organizational exposure. Additionally, preventing installation of untrusted software further reduces risk to the network. Vendors that prevent installation of all third-party software meet the intent of this requirement.
STIG Date
Voice Video Endpoint Security Requirements Guide 2020-12-04

Details

Check Text ( C-7060r363935_chk )
Verify the Voice Video Endpoint prevents installation of untrusted third-party software.

If the Voice Video Endpoint does not prevent installation of untrusted third-party software, this is a finding.
Fix Text (F-7060r363936_fix)
Configure the Voice Video Endpoint to prevent installation of untrusted third-party software.