STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019: STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:SV-17075r2_rule
V-16087
UC soft client accessory bridging
VVoIP 1750 (GENERAL)
CAT II
10
Ensure UC soft client accessories, including PPGs, ATAs, USB phones, and wireless headsets that provide a network bridging capability are not used on a DoD PC or network except to fulfill a validated and approved mission requirement.
Discontinue the use of UC soft client accessories, including PPGs, ATAs, USB phones, and wireless headsets that provide a network bridging capability unless there is a validated and approved mission requirement for their use.
Interview the ISSO to validate compliance with the following requirement:
Ensure UC soft client accessories, including PPGs, ATAs, USB phones, and wireless headsets that provide a network bridging capability are not used on a DoD PC or network except to fulfill a validated and approved mission requirement.
Determine if UC soft client accessories, including PPGs, ATAs, USB phones, and wireless headsets, that provide a network bridging capability to the PSTN are used on a DoD PC or network. If so, further determine if there is a validated and approved mission requirement for their use. Interview a random sampling of users regarding their use of this bridging capability. This is a finding if these devices are used and there is no validated mission requirement.
Note: this requirement applies to Bluetooth, DECT/DECT 6.0, and other RF wireless technologies for accessories. Prior to procurement and implementation of any wireless accessory, a risk analysis must be performed to ensure the technology uses acceptable encryption and does not interfere with existing technology use. This guidance is not intended to replace the existing guidance available for wireless headsets used in association with mobile devices.
V-16087
False
VVoIP 1750 (GENERAL)
Interview the ISSO to validate compliance with the following requirement:
Ensure UC soft client accessories, including PPGs, ATAs, USB phones, and wireless headsets that provide a network bridging capability are not used on a DoD PC or network except to fulfill a validated and approved mission requirement.
Determine if UC soft client accessories, including PPGs, ATAs, USB phones, and wireless headsets, that provide a network bridging capability to the PSTN are used on a DoD PC or network. If so, further determine if there is a validated and approved mission requirement for their use. Interview a random sampling of users regarding their use of this bridging capability. This is a finding if these devices are used and there is no validated mission requirement.
Note: this requirement applies to Bluetooth, DECT/DECT 6.0, and other RF wireless technologies for accessories. Prior to procurement and implementation of any wireless accessory, a risk analysis must be performed to ensure the technology uses acceptable encryption and does not interfere with existing technology use. This guidance is not intended to replace the existing guidance available for wireless headsets used in association with mobile devices.
M
Information Assurance Manager
594