STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020: STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:SV-40855r3_rule
V-30837
COMSEC Account Management - Equipment and Key Storage
CS-01.01.01
CAT I
10
COMSEC material must be stored in a GSA approved container such as safe, vault, or secure room IAW (NSA/CSS Policy Manual 3-16, Section XI, paragraph 89). Specific standards are:
1. Keyed crypto equipment must be housed within a proper GSA safe, vault or secure room.
2. If crypto equipment is not housed within a proper GSA safe, vault or secure room the Crypto Encryption Key must be removed and stored in a GSA approved safe or in a separate room from the crypto equipment when the equipment is not under the continuous observation and control of a properly cleared person.
3. Information Processing System (IPS) containers (safes) may be used to securely store and operate keyed equipment.
4. If unclassified crypto equipment is not operated in a safe, vault or secure room it must minimally be maintained within an approved Secret or higher Controlled Access Area (CAA) and further secured in a locked room (equipment closet) or equipment rack suitable for control of sensitive equipment to ensure only system administrator and COMSEC personnel have access to the equipment.
5. NOTES: This requirement applies to a tactical environment. Unless under continuous observation and control, Crypto Equipment Key must be removed and maintained separately from the encryption device - unless it is operated in a proper safe, vault or secure room. Ensure that any COMSEC account, materials or equipment being inspected is used for encryption of DoDIN assets. COMSEC items not used with DoDIN assets should not be inspected. Specifically, only COMSEC items associated with the CCSDs being inspected are to be included in this check.
Ask the COMSEC Custodian, COMSEC Responsible Officer (CRO), Security Manager or ISSM how COMSEC equipment and materials are transported, handled and stored. Physically check that crypto equipment, keys, and keyed crypto are handled and stored properly. Reviewers must annotate specific types of crypto devices observed in the finding details or comments, (e.g. TACLANE, KIV 7, etc.)
V-30837
False
CS-01.01.01
Ask the COMSEC Custodian, COMSEC Responsible Officer (CRO), Security Manager or ISSM how COMSEC equipment and materials are transported, handled and stored. Physically check that crypto equipment, keys, and keyed crypto are handled and stored properly. Reviewers must annotate specific types of crypto devices observed in the finding details or comments, (e.g. TACLANE, KIV 7, etc.)
M
2506