STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:

The integrity of VVoIP endpoint configuration files downloaded during endpoint registration must be validated using digital signatures.

DISA Rule

SV-17103r2_rule

Vulnerability Number

V-16115

Group Title

VVoIP 1935

Rule Version

VVoIP 1935

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Implement and document the integrity of VVoIP endpoint configuration files downloaded during endpoint registration is validated using digital signatures. VVoIP endpoints must use DoD PKI certifications. This requirement does not apply to hardware endpoints or UC soft clients that do not download configuration files from the session manager.

Check Contents

Review site documentation to confirm the integrity of VVoIP endpoint configuration files downloaded during endpoint registration is validated using digital signatures. This is not applicable to hardware endpoints with a preinstalled configuration file and do not download a configuration file through the network. This is not applicable to UC soft clients that do not download a configuration file through the network. If the VVoIP endpoint configuration files downloaded during endpoint registration are not digitally signed, this is a finding. If the VVoIP endpoint configuration files downloaded during endpoint registration are not validated using digital signatures, this is a finding.

The integrity of VVoIP endpoint configuration files downloaded during endpoint registration must be validated using digital signatures.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments