Zone D systems contain production or “live” DoD data or privacy act information and are connected to an external network.

Part of Zone D systems contain DoD data.

Associated with IA controls: ECSC-1

SV-14984r1_rule Zone D systems contain production or “live” DoD data or privacy act information and are connected to an external network.

Vulnerability discussion

Permitted activities in Zone D environments include, but are not limited to, extensive testing using tools not otherwise permitted, working with potential malicious code, working with PPSs that are otherwise restricted via DoD policy, and research. Zone D infrastructure devices are not required to adhere to PPS regulations as the network traffic does not access or traverse any DoD network. Unacceptable activities include development work and network access to DoD production systems or networks.

Check content

Interview the IAO/SA to determine the data type on systems within a Zone D environment. Ask the IAO what the connection approval process is in regards to housing DoD data or privacy act information data on any test or development system. Work with the Network reviewer to determine if there is network connectivity to ANY external network.

Fix text

The IAO will ensure Zone D systems do not contain production or “live” DoD data or privacy act information if connected in any way to an external network.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.