An A/B switch must not be used to switch a peripheral device that has persistent memory or devices that support removable media between two or more ISs of different classification levels.

From Keyboard Video and Mouse Switch STIG

Part of A/B Switch different classification disk

Associated with IA controls: DCBP-1

SV-6984r2_rule An A/B switch must not be used to switch a peripheral device that has persistent memory or devices that support removable media between two or more ISs of different classification levels.

Vulnerability discussion

If the peripheral device attached to an A/B switch, which is connected to ISs of differing classification levels, can be written to and read from this can lead to the compromise of sensitive or classified data and/or the compromise of the ISs.The ISSO or SA will ensure A/B switches are not used to switch a peripheral device that has persistent memory or devices that support removable media between two or more ISs of different classification levels.

Check content

The reviewer will view the A/B switch to verify the A/B switch is not used to switch a peripheral device that has persistent memory or devices that support removable media between two or more ISs of different classification levels. This would include but not be limited to ZIP drives, hard disk drives, and writable CD drives. If A/B switches are used to switch a peripheral device that has persistent memory or devices that support removable media between two or more ISs of different classification levels, this is a finding.

Fix text

Remove the A/B switch used to switch a peripheral device that has persistent memory or devices that support removable media between two or more ISs of different classification levels.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer