STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:

Protected Distribution System (PDS) Construction - Alarmed Carrier

DISA Rule

SV-43876r3_rule

Vulnerability Number

V-33456

Group Title

PDS Construction - Alarmed Carrier

Rule Version

CS-04.01.08

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

An Alarmed PDS is one of five types of Category 2 PDS IAW the CNSSI 7003. It is a suitable alternative for the two types of interior PDS, which are Hardened Carrier or Continuously Viewed Carrier. It should be used when the unencrypted data transmission line is concealed above suspended ceilings, below raised floors, between walls, or in any situation where the line is not visible for inspection. In lieu of daily visual inspections, the functionality of the PDS alarm must be tested at least weekly, or as otherwise based on guidance in the CNSSI 7003.

Ensure unencrypted SIPRNet data cables are installed in a carrier properly configured as an "Alarmed Carrier" IAW the following guidelines:

1. Ideally the carrier will be constructed of solid electrical metallic tubing (EMT), ferrous conduit or pipe, or rigid-sheet steel ducting, utilizing elbows, couplings, nipples, and connectors of the same material. Connectors need not be permanently sealed in an alarmed carrier. As a minimum, the carrier may consist of any material equal to or better than the standards for a "Simple PDS" (e.g., wood, PVC, EMT, ferrous conduit). The key to determining the appropriateness of a PDS carrier is its suitability for supporting the functionality of the approved alarm sensor, which provides a means to detect tampering and/or breach of the actual PDS carrier, not a breach of the space surrounding the carrier. An IDS sensor capable of detecting changes in carrier air pressure is an example of an acceptable detection methodology.

2. As an alternative to an alarmed carrier, the space surrounding the entire carrier may be covered by an area or volumetric (e.g., infrared, motion detection) alarm system.

3. The carrier and/or volumetric alarm system sensor employed must be approved by the cognizant physical security authorities. Documentation must exist to support this approval.

4. The alarm system and signal transmission must be part of an Intrusion Detection System (IDS) meeting the requirements of the Appendix to Enclosure 3 of DoD Manual 5200.01, V3 (INFOSEC - Protection of Classified Information). For instance: The alarm must provide protection from tampering and be able to register malfunctions. The alarm system must also transmit a line fault message to the annunciator panel if the system fails.

5. The alarm signal must be sent to a 24/7 monitor station that is supervised continuously by U.S. citizens who have been subjected to a trustworthiness determination according to DoD Manual 5200.02 Procedures for the DoD Personnel Security Program (PSP).

6. The monitor station must be capable of notifying security forces that can respond within 15 minutes.

7. PDS alarm functionality and performance must be verified on at least a weekly basis IAW Table 5 of the CNSSI 7003.

8. A Standard Operating Procedure (SOP) must be available, which is approved by the facility security officer or security manager and commander/director, and the PDS approval authority.

This SOP must include procedures to:

a. Verify the alarm functionality and performance on at least a weekly basis IAW Table 5 of the CNSSI 7003.

b. Ensure response by security personnel in the area of possible attempted penetration, within 15 minutes of discovery;

c. Provide for inspection of the PDS to determine the cause of the alarm;

d. Define action to be taken regarding the termination of transmission;

e. Initiate investigation of actual intrusion attempt, etc.

9. The PDS must not be located within an Uncontrolled Access Area (UAA) and National Manager (NSA) approved encryption solutions must be employed.

Check Contents

An Alarmed PDS is one of five types of Category 2 PDS IAW the CNSSI 7003. It is a suitable alternative for the two types of interior PDS, which are Hardened Carrier or Continuously Viewed Carrier. It should be used when the unencrypted data transmission line is concealed above suspended ceilings, below raised floors, between walls, or in any situation where the line is not visible for inspection. In lieu of daily visual inspections, the functionality of the PDS alarm must be tested at least weekly, or as otherwise based on guidance in the CNSSI 7003.

Use this set of checks where the unencrypted SIPRNet cable must be installed in a PDS and the site indicates it is an alarmed PDS.

Check to ensure SIPRNet data cables are installed in a carrier properly configured as an "Alarmed Carrier" IAW the following guidelines:

1. Ideally the carrier will be constructed of solid electrical metallic tubing (EMT), ferrous conduit or pipe, or rigid-sheet steel ducting, utilizing elbows, couplings, nipples, and connectors of the same material. Connectors need not be permanently sealed in an alarmed carrier. As a minimum, the carrier may consist of any material equal to or better than the standards for a "Simple PDS" (e.g., wood, PVC, EMT, ferrous conduit). The key to determining the appropriateness of a PDS carrier is its suitability for supporting the functionality of the approved alarm sensor, which provides a means to detect tampering and/or breach of the actual PDS carrier, not a breach of the space surrounding the carrier. An alarmed carrier must be protected by an alarm system that detects attempted penetration of the carrier. An IDS sensor capable of detecting changes in carrier air pressure is an example of an acceptable detection methodology. (CAT I)

2. As an alternative to an alarmed carrier, the space surrounding the entire carrier may be covered by an area or volumetric (e.g., infrared, motion detection) alarm system. (CAT I)

3. The carrier and/or volumetric alarm system sensor employed must be approved by the cognizant physical security authorities. Documentation must exist to support this approval. (CAT II)

4. The alarm system and signal transmission must be part of an Intrusion Detection System (IDS) meeting the requirements of the Appendix to Enclosure 3 of DoD Manual 5200.01, V3 (INFOSEC - Protection of Classified Information). For instance: The alarm must provide protection from tampering and be able to register malfunctions. The alarm system must also transmit a line fault message to the annunciator panel if the system fails. (CAT I)

5. The alarm signal must be sent to a 24/7 monitor station that is supervised continuously by U.S. citizens who have been subjected to a trustworthiness determination according to DoD Manual 5200.02 Procedures for the DoD Personnel Security Program (PSP). (CAT I)

6. The monitor station must be capable of notifying security forces that can respond within 15 minutes. (CAT I)

*NOTE: May be reduced to a CAT II severity level finding if the monitor station is capable of notifying security forces but the security forces are not capable of responding within 15 minutes.

7. PDS alarm functionality and performance must be verified on at least a weekly basis IAW Table 5 of the CNSSI 7003. (CAT I)

*NOTE: Alarm functionality tests performed less than weekly, but at least once every 3 months, can be reduced to a CAT II severity level finding.

8. A Standard Operating Procedure (SOP) must be available, which is approved by the facility security officer or security manager and commander/director, and the PDS approval authority. (CAT III)

This SOP must include procedures to:

a. Verify the alarm functionality and performance on at least a weekly basis IAW Table 5 of the CNSSI 7003.

b. Ensure response by security personnel in the area of possible attempted penetration, within 15 minutes of discovery;

c. Provide for inspection of the PDS to determine the cause of the alarm;

d. Define action to be taken regarding the termination of transmission;

e. Initiate investigation of actual intrusion attempt, etc.

9. The PDS is not located within an Uncontrolled Access Area (UAA) and National Manager (NSA) approved encryption solutions must be employed. (CAT I)
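The check list above, with its two *NOTE severity downgrades (slow security-force response, and tests less frequent than weekly but at least quarterly), as an added worked example of how an assessor might record the evidence and derive the finding severity. This is not STIGQter or STIG code; the evidence schema is hypothetical, and "once every 3 months" is assumed to mean an interval of at most 92 days.

```python
from dataclasses import dataclass

# Assumption: "at least once every 3-months" is read as an interval of at most 92 days.
QUARTERLY_DAYS = 92
CAT_RANK = {"CAT I": 3, "CAT II": 2, "CAT III": 1}


@dataclass
class AlarmedPdsEvidence:
    """Facts an assessor records on site (hypothetical schema, not part of the STIG)."""
    carrier_alarm_detects_penetration: bool      # check 1: alarm on breach of the carrier itself
    volumetric_alarm_covers_carrier: bool        # check 2: alternative, alarm on the surrounding space
    sensor_approval_documented: bool             # check 3
    ids_tamper_malfunction_line_fault: bool      # check 4: DoDM 5200.01 V3 IDS features present
    monitored_24x7_by_cleared_us_citizens: bool  # check 5
    can_notify_security_forces: bool             # check 6
    response_minutes: int                        # check 6: security forces' response time
    test_interval_days: int                      # check 7: days between alarm function tests
    sop_approved: bool                           # check 8
    outside_uaa_with_nsa_encryption: bool        # check 9


def assess_alarmed_pds(ev: AlarmedPdsEvidence) -> list[tuple[str, str]]:
    """Return (check, severity) findings, applying the two *NOTE severity downgrades."""
    f: list[tuple[str, str]] = []
    if not (ev.carrier_alarm_detects_penetration or ev.volumetric_alarm_covers_carrier):
        f.append(("1/2 neither carrier nor volumetric alarm", "CAT I"))
    if not ev.sensor_approval_documented:
        f.append(("3 sensor approval not documented", "CAT II"))
    if not ev.ids_tamper_malfunction_line_fault:
        f.append(("4 IDS lacks tamper/malfunction/line-fault reporting", "CAT I"))
    if not ev.monitored_24x7_by_cleared_us_citizens:
        f.append(("5 monitor station not staffed 24/7 by cleared U.S. citizens", "CAT I"))
    if not ev.can_notify_security_forces:
        f.append(("6 monitor station cannot notify security forces", "CAT I"))
    elif ev.response_minutes > 15:
        f.append(("6 response exceeds 15 minutes", "CAT II"))  # *NOTE: downgraded from CAT I
    if ev.test_interval_days > 7:
        # *NOTE: less than weekly but at least every 3 months is CAT II; anything rarer stays CAT I
        sev = "CAT II" if ev.test_interval_days <= QUARTERLY_DAYS else "CAT I"
        f.append(("7 alarm test less than weekly", sev))
    if not ev.sop_approved:
        f.append(("8 SOP missing or not approved", "CAT III"))
    if not ev.outside_uaa_with_nsa_encryption:
        f.append(("9 PDS in a UAA or no NSA-approved encryption", "CAT I"))
    return f


def overall_severity(findings: list[tuple[str, str]]) -> str:
    """Worst severity among the findings, or 'Not a Finding' when there are none."""
    if not findings:
        return "Not a Finding"
    return max((sev for _, sev in findings), key=CAT_RANK.get)
```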

Vulnerability Number

V-33456

Documentable

False

Rule Version

CS-04.01.08

Severity Override Guidance


Check Content Reference

M

Potential Impact

There are five types of PDS classified as Category 2 Distribution Systems using one of the following carriers: hardened, buried, suspended, alarmed, or continuously viewed.

This requirement (Alarmed Carrier, STIG ID CS-04.01.08) may be used as an alternative Category 2 carrier in lieu of the following two types of distribution systems: (Hardened STIG ID: CS-04.01.02 and Continuously Viewed STIG ID: CS-04.01.06). An alarmed carrier is not a suitable alternative to either buried or suspended (external) PDS. If an alarmed carrier is used the requirements for hardened and continuously viewed carriers are NA.

Target Key

2506

Comments