STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

Prior to having external connection provisioned between enclaves, a Memorandum of Agreement (MOA) or Memorandum of Understanding (MOU) must be established.

DISA Rule

SV-80839r1_rule

Vulnerability Number

V-66349

Group Title

NET0131

Rule Version

NET0131

Severity

CAT II

CCI(s)

• CCI-001121 - The organization protects against unauthorized physical connections at organization-defined managed interfaces.

Weight

10

Fix Recommendation

All external connections will be validated and approved prior to connection. Interview the ISSM to verify that all connections have a mission requirement and that the AO is aware of the requirement.

Check Contents

Review the network topology and interview the ISSO to verify that each external connection to the site’s network has been validated and approved by the AO and CAO and that CAP requirements have been met.

If there are any external connections that have not been validated and approved, this is a finding.

Vulnerability Number

V-66349

Documentable

False

Rule Version

NET0131

Severity Override Guidance

Review the network topology and interview the ISSO to verify that each external connection to the site’s network has been validated and approved by the AO and CAO and that CAP requirements have been met.

If there are any external connections that have not been validated and approved, this is a finding.

Check Content Reference

M

Target Key

838

Comments