STIGQter: STIG Summary: Video Services Policy STIG Version: 1 Release: 11 Benchmark Date: 24 Apr 2020: STIGQter: STIG Summary: Video Services Policy STIG Version: 1 Release: 11 Benchmark Date: 24 Apr 2020:SV-18870r1_rule
V-17696
RTS-VTC 2420.00 [IP]
RTS-VTC 2420.00
CAT II
10
[IP]; Perform the following tasks if streaming of a VTC CODEC session is approved and is to be implemented:
- Implement and distribute a temporary password for the session. This password is used one time and never repeated. This password must not match any other user or administrative password.
- Configure the CODEC by entering an appropriate address and IP port for delivery of the media stream. If multicast is used, these must be different from the default settings used by the vendor, and are randomly different each time they are used.
- Configure the CODEC by setting TTL/router hops to an appropriate number to limit the range of distribution of the media stream to within the local LAN or Intranet as required. This number should be limited to 1 for the local network, 15 or 16 for the campus, 25 for the adjoining site. Never enter a high number such as 64 and above since this will extend the reach to a region or the world as the number goes higher.
[IP]; Interview the IAO to validate compliance with the following requirement:
If and when implementing streaming, ensure the following streaming configuration settings are implemented as prudent to minimize accessibility to the media stream:
- Implement and distribute a temporary password for the session. For best protection of the system, this password is used one time and not repeated. This password must not match any other user or administrative password.
- Enter an appropriate address and IP port for delivery of the media stream. If multicast is used, these are different from the default settings used by the vendor, and are randomly different each time they are used.
- Set TTL/router hops to an appropriate number to limit the range of distribution of the media stream to within the local LAN or Intranet as required. This number should be limited to 1 for the local network, 15 or 16 for the campus, 25 for the adjoining site. Never enter a high number such as 64 and above since this will extend the reach to a region or the world as the number goes higher.
Determine/review site policy/procedure for the implementation of approved VTC CODEC streaming. Review configuration settings to be used. If any CODECs are currently approved for and configured to stream, inspect or have the SA demonstrate the configuration used. This is a finding if the policy/procedure and/or configuration does not match or support the requirement items listed above.
V-17696
False
RTS-VTC 2420.00
[IP]; Interview the IAO to validate compliance with the following requirement:
If and when implementing streaming, ensure the following streaming configuration settings are implemented as prudent to minimize accessibility to the media stream:
- Implement and distribute a temporary password for the session. For best protection of the system, this password is used one time and not repeated. This password must not match any other user or administrative password.
- Enter an appropriate address and IP port for delivery of the media stream. If multicast is used, these are different from the default settings used by the vendor, and are randomly different each time they are used.
- Set TTL/router hops to an appropriate number to limit the range of distribution of the media stream to within the local LAN or Intranet as required. This number should be limited to 1 for the local network, 15 or 16 for the campus, 25 for the adjoining site. Never enter a high number such as 64 and above since this will extend the reach to a region or the world as the number goes higher.
Determine/review site policy/procedure for the implementation of approved VTC CODEC streaming. Review configuration settings to be used. If any CODECs are currently approved for and configured to stream, inspect or have the SA demonstrate the configuration used. This is a finding if the policy/procedure and/or configuration does not match or support the requirement items listed above.
I
The inadvertent or improper disclosure of sensitive or classified information to a caller of a VTU that may not have an appropriate need-to-know or proper security clearance.
Information Assurance Officer
1418