STIGQter: STIG Summary: Test and Development Zone D Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Oct 2018:

Network infrastructure and systems supporting the test and development environment must be documented within the organizations accreditation package.

DISA Rule

SV-51202r1_rule

Vulnerability Number

V-39344

Group Title

ENTD0010 - The test and development infrastructure is not properly documented.

Rule Version

ENTD0010

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Document network infrastructure and systems supporting the test and development environment, then include it with the accreditation package.

Check Contents

Review the accreditation package documentation to verify the test and development environment is correctly documented within the network diagrams and site security plan. If the organization's accreditation package does not include the test and development infrastructure in the network diagrams and system security plan, this is a finding.

Vulnerability Number

V-39344

Documentable

False

Rule Version

ENTD0010

Severity Override Guidance

Review the accreditation package documentation to verify the test and development environment is correctly documented within the network diagrams and site security plan. If the organization's accreditation package does not include the test and development infrastructure in the network diagrams and system security plan, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Manager

Target Key

1134

Comments