Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-62115 | SRG-NET-000332-VVSM-00045 | SV-76605r1_rule | Medium |
Description |
---|
Without the capability to remotely view/hear all content related to a user session, investigations into suspicious user activity would be hampered. Real-time monitoring allows authorized personnel to take action before additional damage is done. The ability to observe user sessions as they are happening allows for interceding in ongoing events that after-the-fact review of captured content would not allow. The requirement does not apply to privileged user sessions used to manage the network element. |
STIG | Date |
---|---|
Voice Video Session Management Security Requirements Guide | 2018-07-10 |
Check Text ( C-62919r1_chk ) |
---|
Verify the Voice Video Session Manager in support of CALEA provides the capability for authorized users to remotely view/hear, in real time, all content related to an established user session from a separate monitoring component. If the Voice Video Session Manager in support of CALEA does not provide the capability for authorized users to remotely view/hear, in real time, all content related to an established user session from a separate monitoring component, this is a finding. |
Fix Text (F-68035r1_fix) |
---|
Configure the Voice Video Session Manager in support of CALEA to provide the capability for authorized users to remotely view/hear, in real time, all content related to an established user session from a separate monitoring component. |