STIGQter STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:

Foreign National (FN) System Access - FN or Immigrant Aliens (not representing a foreign government or entity) with LAA Granted Uncontrolled Access

DISA Rule

SV-41436r3_rule

Vulnerability Number

V-31227

Group Title

Foreign National (FN) System Access/Immigrant Aliens with LAA -Uncontrolled Access

Rule Version

FN-03.01.02

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

1. Personnel granted LAAs must not be permitted uncontrolled access to areas where classified information is stored or discussed (safes, vaults and secure room in particular). Classified information must be maintained in a location that will be under the continuous control and supervision of an appropriately cleared U.S. citizen.

2. Access granted to DoD information systems must be properly controlled so that any FN granted an LAA has systems access only to that sensitive (CUI) or classified information to which they are specifically authorized.

Check Contents

1. Check to ensure that personnel granted LAAs are not permitted uncontrolled access to areas where classified information is stored or discussed (safes, vaults and secure room in particular). Classified information must be maintained in a location that will be under the continuous control and supervision of an appropriately cleared U.S. citizen.

2. Check to ensure that access to DoD information systems is properly controlled so that any FN granted an LAA has systems access only to that sensitive (CUI) or classified information to which they are specifically authorized. This check will require close coordination and consultation with a network reviewer or SME.

TACTICAL ENVIRONMENT: This check is applicable where any non-U.S. citizens (not representing a foreign Government or entity) are employed in a tactical environment with access to US Classified or Sensitive Systems.

Vulnerability Number

V-31227

Documentable

False

Rule Version

FN-03.01.02

Severity Override Guidance

1. Check to ensure that personnel granted LAAs are not permitted uncontrolled access to areas where classified information is stored or discussed (safes, vaults and secure room in particular). Classified information must be maintained in a location that will be under the continuous control and supervision of an appropriately cleared U.S. citizen.

2. Check to ensure that access to DoD information systems is properly controlled so that any FN granted an LAA has systems access only to that sensitive (CUI) or classified information to which they are specifically authorized. This check will require close coordination and consultation with a network reviewer or SME.

TACTICAL ENVIRONMENT: This check is applicable where any non-U.S. citizens (not representing a foreign Government or entity) are employed in a tactical environment with access to US Classified or Sensitive Systems.

Check Content Reference

M

Target Key

2506

Comments