STIGQter: STIG Summary: Active Directory Domain Security Technical Implementation Guide (STIG) Version: 2 Release: 13 Benchmark Date: 26 Apr 2019

A controlled interface must have interconnections among DoD information systems operating between DoD and non-DoD systems or networks.

DISA Rule

SV-9033r2_rule

Vulnerability Number

V-8536

Group Title

Trust - Non-DoD

Rule Version

AD.0181

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Obtain DAA approval and document external, forest, or realm trust relationship. Or obtain documentation of the network connection approval and explicit trust approval by the DAA.

Check Contents

1. Refer to the list of identified trusts obtained in a previous check (V8530).

2. For each of the identified trusts, determine if the other trust party is a non-DoD entity. For example, if the fully qualified domain name of the other party does not end in “.mil”, the other party is probably not a DoD entity.

3. Review the local documentation approving the external network connection and documentation indicating explicit approval of the trust by the DAA.

4. The external network connection documentation is maintained by the IAO\NSO for compliance with the Network Infrastructure STIG.

5. If any trust is defined with a non-DoD system and there is no documentation indicating approval of the external network connection and explicit DAA approval of the trust, then this is a finding.
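The following PowerShell sketch automates steps 1, 2 and 5 of the check. It is an added example, not part of the STIG text. It assumes the ActiveDirectory (RSAT) module is installed and that DAA approvals are tracked in a local CSV; the file name `approved-trusts.csv` and its `TrustPartner` column are hypothetical.

```powershell
# Added example, not part of the STIG. Requires the ActiveDirectory (RSAT) module.
# Assumption: explicit DAA approvals are recorded in a local CSV (hypothetical
# file and column names), one row per approved trust partner FQDN.
param(
    [string]$ApprovalCsv = '.\approved-trusts.csv'   # hypothetical; column: TrustPartner
)

Import-Module ActiveDirectory

# Normalise approved partner names so comparison is case- and trailing-dot-insensitive.
$approved = @()
if (Test-Path -LiteralPath $ApprovalCsv) {
    $approved = @(Import-Csv -LiteralPath $ApprovalCsv |
        ForEach-Object { $_.TrustPartner.Trim().TrimEnd('.').ToLowerInvariant() })
}

# Step 1: enumerate every trust defined in the current domain.
$results = foreach ($trust in Get-ADTrust -Filter *) {
    # Target holds the partner's DNS name; fall back to Name if it is empty.
    $partner = if ($trust.Target) { $trust.Target } else { $trust.Name }
    $partner = $partner.Trim().TrimEnd('.').ToLowerInvariant()

    # Step 2 heuristic from the check text: a name that does not end in ".mil"
    # is probably non-DoD. This is a hint for the reviewer, not proof.
    $isMil = $partner.EndsWith('.mil')

    [pscustomobject]@{
        TrustPartner     = $partner
        Direction        = $trust.Direction
        TrustType        = $trust.TrustType
        ForestTransitive = $trust.ForestTransitive
        IntraForest      = $trust.IntraForest
        LikelyNonDoD     = -not $isMil
        ApprovalOnFile   = $approved -contains $partner
    }
}

$results | Sort-Object TrustPartner | Format-Table -AutoSize

# Step 5: likely non-DoD trusts with no recorded approval are candidate findings.
$open = @($results | Where-Object { $_.LikelyNonDoD -and -not $_.ApprovalOnFile })
if ($open.Count -gt 0) {
    Write-Warning ("{0} trust(s) with a likely non-DoD partner have no approval on file: {1}" -f
        $open.Count, ($open.TrustPartner -join ', '))
}
```

The output only narrows the review: steps 3 and 4 still require reading the actual connection approval and DAA trust approval documents for every trust the script marks as likely non-DoD.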

Documentable

False

Severity Override Guidance

1. Refer to the list of identified trusts obtained in a previous check (V8530).

2. For each of the identified trusts, determine if the other trust party is a non-DoD entity. For example, if the fully qualified domain name of the other party does not end in “.mil”, the other party is probably not a DoD entity.

3. Review the local documentation approving the external network connection and documentation indicating explicit approval of the trust by the DAA.

4. The external network connection documentation is maintained by the IAO\NSO for compliance with the Network Infrastructure STIG.

5. If any trust is defined with a non-DoD system and there is no documentation indicating approval of the external network connection and explicit DAA approval of the trust, then this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

870
