STIGQter: STIG Summary: Test and Development Zone B Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Oct 2018:

Remote access into the test and development environment must use an encryption mechanism approved for the classification level of the network.

DISA Rule

SV-51534r1_rule

Vulnerability Number

V-39667

Group Title

ENTD0280 - An approved encryption mechanism is not used for remote access.

Rule Version

ENTD0280

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Implement an approved encryption mechanism for the classification of the network for remote access. Unclassified/FOUO or any need-to-know data will need to use a FIPS 140-2 validated cryptographic module. Classified traffic must use an NSA approved encryption standard.

Check Contents

Determine whether the proper encryption standard is deployed for the classification of the network where remote access is performed. Unclassified/FOUO or any need-to-know data will need to use a FIPS 140-2 validated cryptographic module. Classified traffic must use an NSA approved encryption standard. If the proper encryption standard is not in use for remote access, this is a finding.

Vulnerability Number

V-39667

Documentable

False

Rule Version

ENTD0280

Severity Override Guidance

Determine whether the proper encryption standard is deployed for the classification of the network where remote access is performed. Unclassified/FOUO or any need-to-know data will need to use a FIPS 140-2 validated cryptographic module. Classified traffic must use an NSA approved encryption standard. If the proper encryption standard is not in use for remote access, this is a finding.

Check Content Reference

M

Target Key

1132

Comments