STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019

A C2 or Special-C2 user does not have a more reliable communications method in their normal or alternate fixed workspace than a PC based communications client.

DISA Rule

SV-17060r1_rule

Vulnerability Number

V-16073

Group Title

Deficient COOP: C2 User’s Backup for PC Comm app

Rule Version

VVoIP 1205 (GENERAL)

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Ensure C2 and Special-C2 users are provided with an alternate assured service communications device/system (e.g., hardware based IP or traditional telephone endpoint) as backup to a PC based communications application (e.g., soft-phone) for their mission critical assured service (C2) voice communications needs.

Minimally provide C2 and Special-C2 users with a hardware based telephone and supporting infrastructure that can support reliable assured service communications within their normal or alternate workspaces.

Check Contents

Interview the IAO and a sampling of C2 or Special-C2 users to determine if C2 or Special-C2 users are provided with a more reliable communications method than a PC based communications application in compliance with the following requirement:

Within a C2 or Special-C2 user’s normal workspace (e.g., office) or alternate fixed workspace (e.g., quarters, alternate office), ensure C2 and Special-C2 users are provided with an alternate assured service communications device/system (e.g., hardware based IP or traditional telephone endpoint) as backup to a PC based communications application (e.g., soft-phone) for their mission critical assured service (C2) voice communications needs if and when the PC or application fails or is unavailable.

Note: Cell phones, PDA/PEDs, or other wireless devices are not considered reliable enough within a normal workspace to meet this requirement due to lack of reliable signal everywhere and their inability to be used in certain DoD environments. However, these could be considered in a remote use case.

NOTE: This is not intended to require the installation of assured service communications devices in alternate workspaces such as quarters unless there is a requirement for the C2 or Special-C2 user to place and receive C2 communications in that location.

This is a finding if C2 or Special-C2 users are not provided with a more reliable communications method than a PC based communications application for their assured service needs.

Documentable

False

Severity Override Guidance

Interview the IAO and a sampling of C2 or Special-C2 users to determine if C2 or Special-C2 users are provided with a more reliable communications method than a PC based communications application in compliance with the following requirement:

Within a C2 or Special-C2 user’s normal workspace (e.g., office) or alternate fixed workspace (e.g., quarters, alternate office), ensure C2 and Special-C2 users are provided with an alternate assured service communications device/system (e.g., hardware based IP or traditional telephone endpoint) as backup to a PC based communications application (e.g., soft-phone) for their mission critical assured service (C2) voice communications needs if and when the PC or application fails or is unavailable.

Note: Cell phones, PDA/PEDs, or other wireless devices are not considered reliable enough within a normal workspace to meet this requirement due to lack of reliable signal everywhere and their inability to be used in certain DoD environments. However, these could be considered in a remote use case.

NOTE: This is not intended to require the installation of assured service communications devices in alternate workspaces such as quarters unless there is a requirement for the C2 or Special-C2 user to place and receive C2 communications in that location.

This is a finding if C2 or Special-C2 users are not provided with a more reliable communications method than a PC based communications application for their assured service needs.

Check Content Reference

I

Potential Impact

Denial of service for a C2 or Special-C2 user resulting in the inability to place an assured service call.

Responsibility

Information Assurance Manager

Target Key

594

Comments