From Keyboard Video and Mouse Switch STIG
Part of Network KVM power control of IS
Associated with IA controls: PECF-1, DCBP-1, PECF-2
If a network attached KVM switch can control the power to the ISs attached to it and the KVM switch is compromised, a denial of service can be caused by powering off all the ISs attached to the KVM switch without accessing the individual ISs.
With the assistance of the ISSO, verify the network attached KVM switch is not configured to control the power of the ISs attached and all connectors on the KVM switch that support this functionality are blocked with tamper evident seals. If the KVM switch is configured to control the power of connected ISs, this is a finding.
Remove the KVM switch’s control over the power supplied to the ISs and block any connectors on the KVM switch used to support this feature with tamper evident seals. NSA IAD Protective Technologies has tamper evident products available for use, including seals for RJ45, D-sub, and USB ports. These can be obtained by contacting them either on NIPRNet at ptproducts@radium.ncsc.mil or on SIPRNet at ptproducts@nsa.smil.mil. When ordering, please specify that this is for use on a DoD Information System and the government use version is needed.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer