STIGQter: STIG Summary: Video Services Policy STIG Version: 1 Release: 11 Benchmark Date: 24 Apr 2020:

The IP-based VTC system must authenticate to an H.323 Gatekeeper or VVoIP session/call controller.

DISA Rule

SV-55759r1_rule

Vulnerability Number

V-43030

Group Title

RTS-VTC 5040 [IP]

Rule Version

RTS-VTC 5040

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the endpoints and H.323 Gatekeeper or VVoIP session/call controller to authenticate endpoints.

Check Contents

Review the system documentation and verify that an H.323 Gatekeeper and/or VVoIP session/call controller is in place and is configured to require authentication of endpoints. If there is no H.323 Gatekeeper or VVoIP session/call controller present; or it is not configured to require authentication of endpoints; or endpoints are not configured to authenticate with either, this is a finding.

Vulnerability Number

V-43030

Documentable

False

Rule Version

RTS-VTC 5040

Severity Override Guidance

Review the system documentation and verify that an H.323 Gatekeeper and/or VVoIP session/call controller is in place and is configured to require authentication of endpoints. If there is no H.323 Gatekeeper or VVoIP session/call controller present; or it is not configured to require authentication of endpoints; or endpoints are not configured to authenticate with either, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

1418

Comments