Protected Distribution System (PDS) Monitoring - Reporting Incidents

From Traditional Security

Part of PDS Monitoring - Reporting Incidents

Associated with IA controls: DCSR-3, PESS-1, ECCT-2

SV-41023r2_rule Protected Distribution System (PDS) Monitoring - Reporting Incidents

Vulnerability discussion

A PDS that is not inspected, monitored and maintained as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the loss or compromise of classified.

Check content

Checks:

1. Check to ensure there are procedures written that cover how to handle all possible types of potential PDS incidents.
2. Check daily and technical inspection results (logs) for evidence of discovered PDS anomalies.
3. Ensure any incidents of tampering, penetration, or unauthorized interception were reported immediately to the PDS Approving Authority and the local security/law enforcement authority.
4. Subject to law enforcement procedures, which take precedence, check to ensure the PDS was not used until the incident was assessed and its security status determined.
5. If discontinued use of the PDS is or was not practical, check to ensure users of all impacted PDS were notified of the possible breach in security, and instructed that use of systems running on the PDS be limited to the greatest extent possible.
6. Discovery of an anomaly in the PDS that is not properly reported and resolved is a finding. All discoveries must be documented and such documentation retained indefinitely, for as long as the PDS remains functional.

NOTES:

1. This check is applicable to tactical environments. Incidents of possible tampering must be reported to the PDS approving authority in as expeditious a manner as possible.
2. Even if there is no finding, in the reviewer notes provide a brief note of any reported incidents or anomalies previously noted by the site, including the date it was initially noted.

Fix text

1. A procedure must be written that covers how to handle all possible types of potential PDS incidents.
2. ALL incidents of suspected or actual tampering, penetration, or unauthorized interception must be reported immediately to the PDS Approving Authority and the local security/law enforcement authority.
3. Subject to law enforcement procedures, which take precedence, the PDS must not be used until the incident is assessed and its security status determined.
4. If discontinued use of the PDS is or was not practical, all users of impacted PDS must be notified of the possible breach in security and instructed that use of systems running on the PDS be limited to the greatest extent possible.
5. All discoveries must be documented and such documentation retained indefinitely, for as long as the PDS remains functional.
