STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:

COMSEC Training - COMSEC Custodian or Hand Receipt Holder

DISA Rule

SV-40973r3_rule

Vulnerability Number

V-30931

Group Title

COMSEC Training - Custodian or Hand Receipt Holder

Rule Version

CS-02.02.01

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Documented proof of required COMSEC Custodian or hand receipt holder training must be available. Formal training of primary COMSEC account holders is required within 6-months of being appointed as COMSEC Custodian or alternate. Sub-Account or hand receipt holders may be trained by the sponsoring primary account COMSEC Custodian.

Check Contents

Check for documented proof of COMSEC Custodian or hand receipt holder training.

NOTES:

1. Formal training for primary COMSEC account holders must be completed within six months of being designated as COMSEC Custodian.

2. Ensure that any COMSEC account, materials or equipment being inspected is used for encryption of DoDIN assets. COMSEC accounts or items not used with DoDIN assets should not be inspected.

Vulnerability Number

V-30931

Documentable

False

Rule Version

CS-02.02.01

Severity Override Guidance

Check for documented proof of COMSEC Custodian or hand receipt holder training.

NOTES:

1. Formal training for primary COMSEC account holders must be completed within six months of being designated as COMSEC Custodian.

2. Ensure that any COMSEC account, materials or equipment being inspected is used for encryption of DoDIN assets. COMSEC accounts or items not used with DoDIN assets should not be inspected.

Check Content Reference

M

Target Key

2506

Comments