STIGQter STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:

Monitor Screens - Disable Access by CAC or Token Removal, or Lock Computer via Ctrl/Alt/Del

DISA Rule

SV-42292r3_rule

Vulnerability Number

V-31993

Group Title

Monitor Screens - Disable Access by CAC or Token Removal, or Lock Computer via Ctrl/Alt/Del

Rule Version

IS-08.01.02

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

1. SIPRNet servers and/or work station hard drives/monitors/keyboards must be disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted and cleared US personnel.

2. NIPRNet servers and/or work station hard drives/monitors/keyboards must be disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted US personnel.

3. CACs and other tokens must not be left unattended and must be in the physical custody of the person to whom they were issued.

Check Contents

Check to ensure:

1. SIPRNet servers and/or work station hard drives/monitors/keyboards are disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted and cleared US personnel. (CAT I)

2. NIPRNet servers and/or work station hard drives/monitors/keyboards (*used by system administrators with privileged access) are disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted US personnel. (CAT I)

3. NIPRNet work station hard drives/monitors/keyboards (*used by general users or individuals without privileged systems access) are disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted US personnel. (CAT II)

4. CACs and other tokens are not left unattended and are in the physical custody of the person to whom they were issued. (CAT II)

TACTICAL ENVIRONMENT: This check is applicable to all environments (including a field/mobile tactical environment) where information system assets are connected to the DISN.

Vulnerability Number

V-31993

Documentable

False

Rule Version

IS-08.01.02

Severity Override Guidance

Check to ensure:

1. SIPRNet servers and/or work station hard drives/monitors/keyboards are disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted and cleared US personnel. (CAT I)

2. NIPRNet servers and/or work station hard drives/monitors/keyboards (*used by system administrators with privileged access) are disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted US personnel. (CAT I)

3. NIPRNet work station hard drives/monitors/keyboards (*used by general users or individuals without privileged systems access) are disabled (locked) by CAC or Token Removal, or where CACs or tokens are not used the Computer must be locked via Ctrl/Alt/Del - when not personally and physically attended by properly vetted US personnel. (CAT II)

4. CACs and other tokens are not left unattended and are in the physical custody of the person to whom they were issued. (CAT II)

TACTICAL ENVIRONMENT: This check is applicable to all environments (including a field/mobile tactical environment) where information system assets are connected to the DISN.

Check Content Reference

M

Potential Impact

RELATED VULS (STIG ID):

1. STIG ID: FN-04.01.01. This requirement concerns two related concerns. First is control of physical access to areas containing US Only workstations/monitor screens, equipment, media or documents in working environments where Foreign Nationals are employed or present. Second, It also covers maintaining continuous observation and control of US Only classified information system removable storage media and documents within classified storage locations (such as SCIFs, secure rooms or vaults) where foreign nationals are present OR or placement in an approved safe.

2. STIG ID: IS-08.01.01. Classified Monitors/Displays (Physical Control of Classified Monitors From Unauthorized Viewing) . This requirement is specifically focused on checking physical controls in place to protect classified work stations (monitor screens) from unauthorized viewing. This requirement includes positioning and control of classified monitors and covers environments where Foreign Nationals are present and US Only work stations/monitor screens are present.

3. STIG ID: IS-08.03.01. This requirement is specifically focused on checking written policy/procedures and initial/recurring training concerning cleared employee responsibilities and actions to protect classified work stations (monitor screens) under their control from unauthorized viewing. This requirement includes positioning and control of classified monitors and covers environments where Foreign Nationals are present and US Only work stations/monitor screens are present.

Target Key

2506

Comments