STIGQter: STIG Summary: Voice Video Session Management Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Voice Video Session Manager must disable (prevent) auto-registration of Voice Video endpoints.

DISA Rule

SV-206812r508661_rule

Vulnerability Number

V-206812

Group Title

SRG-NET-000015

Rule Version

SRG-NET-000015-VVSM-00002

Severity

CAT I

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Configure the Voice Video Session Manager to disable auto-registration of Voice Video endpoints.

Check Contents

Verify the Voice Video Session Manager prevents auto-registration of Voice Video endpoints. During initial system installation and testing, or subsequent large redeployments and additions, it may be necessary to enable auto-registration for a short period. When auto-registration is used under these circumstances, it must be disabled within 5 days and before the system is placed into service.

If the Voice Video Session Manager does not disable auto-registration of Voice Video endpoints outside of these conditions, this is a finding.

Vulnerability Number

V-206812

Documentable

False

Rule Version

SRG-NET-000015-VVSM-00002

Severity Override Guidance

Verify the Voice Video Session Manager prevents auto-registration of Voice Video endpoints. During initial system installation and testing, or subsequent large redeployments and additions, it may be necessary to enable auto-registration for a short period. When auto-registration is used under these circumstances, it must be disabled within 5 days and before the system is placed into service.

If the Voice Video Session Manager does not disable auto-registration of Voice Video endpoints outside of these conditions, this is a finding.

Check Content Reference

M

Target Key

2916

Comments