STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020

Classified Reproduction - Following guidance for System to Media Transfer of Data from systems connected specifically to the SIPRNet In-Accordance-With (IAW) US CYBERCOM CTO 10-133A.

DISA Rule

SV-42295r3_rule

Vulnerability Number

V-31996

Group Title

Classified Reproduction - System to Media Transfer from SIPRNet IAW US CYBERCOM CTO 10-133A

Rule Version

IS-10.02.01

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

General guidance to consider: Paper copies, electronic files, and other material containing classified information shall be reproduced only when necessary for accomplishing the organization's mission or for complying with applicable statutes or Directives. Personnel reproducing classified information must be knowledgeable of the procedures for classified reproduction and aware of the risks involved with the specific reproduction equipment and media being used and the appropriate countermeasures they are required to take. Reproduced material is to be placed under the same accountability and control requirements as applied to the original material. Classified material is to be reproduced only on approved and, when applicable, properly accredited systems.

This check concerns ONLY reproduction and/or transfer of classified data using all forms of removable media on SIPRNet connected devices or systems.

Ensure that US CYBERCOM Communications Tasking Order (CTO) 10-133A is being complied with as follows:

1. Ensure that the write capability for all possible removable media is disabled as a default setting on all SIPRNet connected machines.

2. Ensure that write settings are only allowed when specifically approved by using the HBSS Device Control Module (DCM).

3. Ensure the system AO has specifically approved all persons authorized to transfer data from SIPRNet connected system components.

4. Ensure the ISSM maintains a list of all persons authorized by the AO to transfer data from the SIPRNet.

5. Ensure there are written procedures approved by the AO for use of removable media on SIPRNet.

Check Contents

General guidance: Paper copies, electronic files, and other material containing classified information shall be reproduced only when necessary for accomplishing the organization's mission or for complying with applicable statutes or Directives. Personnel reproducing classified information must be knowledgeable of the procedures for classified reproduction and aware of the risks involved with the specific reproduction equipment and media being used and the appropriate countermeasures they are required to take. Reproduced material is to be placed under the same accountability and control requirements as applied to the original material. Classified material is to be reproduced only on approved and, when applicable, properly accredited systems.

This check concerns ONLY reproduction and/or transfer of classified data using all forms of removable media on SIPRNet connected devices or systems.

Check to ensure that US CYBERCOM Communications Tasking Order (CTO) 10-133A is being complied with as follows:

1. Ensure that the write capability for all possible removable media is disabled as a default setting on all SIPRNet connected machines.

2. Ensure that write settings are only allowed when specifically approved by using the HBSS Device Control Module (DCM).

3. Ensure the system AO has specifically approved all persons authorized to transfer data from SIPRNet connected system components.

4. Ensure the ISSM maintains a list of all persons authorized by the AO to transfer data from the SIPRNet.

5. Ensure there are written procedures approved by the AO for use of removable media on SIPRNet.

NOTE: Coordination with Technical Reviewers may be required to determine all of the information outlined above.

TACTICAL ENVIRONMENT: This check is applicable in a fixed operational facility in a tactical environment if classified equipment is used or documents or media are created/extracted from the SIPRNet. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.

Vulnerability Number

V-31996

Documentable

False

Rule Version

IS-10.02.01

Severity Override Guidance

General guidance: Paper copies, electronic files, and other material containing classified information shall be reproduced only when necessary for accomplishing the organization's mission or for complying with applicable statutes or Directives. Personnel reproducing classified information must be knowledgeable of the procedures for classified reproduction and aware of the risks involved with the specific reproduction equipment and media being used and the appropriate countermeasures they are required to take. Reproduced material is to be placed under the same accountability and control requirements as applied to the original material. Classified material is to be reproduced only on approved and, when applicable, properly accredited systems.

This check concerns ONLY reproduction and/or transfer of classified data using all forms of removable media on SIPRNet connected devices or systems.

Check to ensure that US CYBERCOM Communications Tasking Order (CTO) 10-133A is being complied with as follows:

1. Ensure that the write capability for all possible removable media is disabled as a default setting on all SIPRNet connected machines.

2. Ensure that write settings are only allowed when specifically approved by using the HBSS Device Control Module (DCM).

3. Ensure the system AO has specifically approved all persons authorized to transfer data from SIPRNet connected system components.

4. Ensure the ISSM maintains a list of all persons authorized by the AO to transfer data from the SIPRNet.

5. Ensure there are written procedures approved by the AO for use of removable media on SIPRNet.

NOTE: Coordination with Technical Reviewers may be required to determine all of the information outlined above.

TACTICAL ENVIRONMENT: This check is applicable in a fixed operational facility in a tactical environment if classified equipment is used or documents or media are created/extracted from the SIPRNet. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.

Check Content Reference

M

Target Key

2506

Comments