The organization must disable the nonsecure functions, ports, protocols, and services traversing the Voice Video system as defined in DoDI 8551.01.

From Voice Video Policy Security Technical Implementation Guide

Part of SRG-POL-300288

Associated with: CCI-001761

VVSP-01-000056_rule The organization must disable the nonsecure functions, ports, protocols, and services traversing the Voice Video system as defined in DoDI 8551.01.

Vulnerability discussion

Information systems provide a wide variety of functions and services. Some of the functions and services, provided by default, may not be necessary to support essential organizational operations (e.g., key missions, functions). Organizations review functions and services provided by information systems or individual components of information systems to determine which functions and services are candidates for elimination. Organizations can use network scanning tools, intrusion detection and prevention systems, and end-point protections such as firewalls to prevent the use of prohibited functions, ports, protocols, and services.

The organization can either make a determination of the relative security of the function, port, protocol, and/or service or base the security decision on the assessment of other entities. Bluetooth, FTP, and peer-to-peer networking are examples of less-than-secure protocols.

Check content

Review the Voice Video configuration management policy and associated configuration management controls audit trail of reviews and updates to confirm the organization disabled the nonsecure functions, ports, protocols, and services traversing the Voice Video system as defined in DoDI 8551.01.

Nonsecure functions, ports, protocols, and services can be identified by the following:

- Review the Ports, Protocols, and Services Management (PPSM) web page on the DISA IASE website.
- Review the Category Assurance List (CAL) and Vulnerability Assessments (VA) available on the PPSM webpage.
- Scan the Voice Video system VLANs for unapproved and rogue ports, protocols, and services.
- Software on the Voice Video system servers supporting unnecessary ports, protocols, and services.
- Voice Video servers and endpoints configuration settings for unnecessary ports, protocols, and services.
- Limit production PPS to production interfaces and management PPS to dedicated management interfaces.

If the Voice Video configuration management policy and associated configuration management controls audit trail of reviews and updates do not confirm the organization disabled the nonsecure functions, ports, protocols, and services traversing the Voice Video system as defined in DoDI 8551.01, this is a finding.

Fix text

Enforce procedures for the Voice Video configuration management policy and associated configuration management controls as follows:

- Disable the nonsecure functions, ports, protocols, and services traversing the Voice Video system as defined in DoDI 8551.01.
- Create or update the review activity as an audit trail.
- Update the implementation procedures as appropriate.

Nonsecure functions, ports, protocols, and services can be identified by the following:

- Review the Ports, Protocols, and Services Management (PPSM) web page on the DISA IASE website.
- Review the Category Assurance List (CAL) and Vulnerability Assessments (VA) available on the PPSM webpage.
- Scan the Voice Video system VLANs for unapproved and rogue ports, protocols, and services.
- Software on the Voice Video system servers supporting unnecessary ports, protocols, and services.
- Voice Video servers and endpoints configuration settings for unnecessary ports, protocols, and services.
- Limit production PPS to production interfaces and management PPS to dedicated management interfaces.
