STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020: STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:SV-41539r3_rule
V-31272
Information Security (INFOSEC) - Secure Room Storage Standards Windows
IS-02.01.05
CAT I
10
For secure rooms or areas (*containing inspectable SIPRNet assets) the following standards must be used:
1. Window placement in secure rooms must be minimal. There must be no large or entirely glass walls. Where windows are located on the exterior of secure rooms (AKA: collateral classified open storage areas) the vulnerabilities, existing and potential additional countermeasures, and residual risk associated with the windows must be considered in an assessment of risk for the secure room. NOTE that a risk assessment is required for all secure rooms IAW DoD Manual 5200.01, Volume 3, Enclosure 3, paragraph 4.
2. Windows that are less than 18 feet above the ground measured from the bottom of the window, or are easily accessible by means of objects directly beneath the windows shall be constructed from or covered with materials that provide protection from forced entry. The protection provided to the windows need be no stronger than the strength of the contiguous walls. Hurricane rated windows, ballistic proof windows, non-opening double or triple pane windows, etc. should be considered acceptable as equivalent to contiguous walls. Welded steel bars attached to the structure surrounding the window may also be used for hardening windows that are not as strong as the contiguous walls (e.g. single pane glass).
3. As an alternative to hardening windows (that are not as strong as the contiguous walls) with welded steel bars; secure rooms that are located within an access controlled installation or compound may eliminate the requirement for forced entry protection if the following countermeasures are taken: All windows within 18 feet of ground level, that are capable of being opened from inside the protected space shall make the windows inoperable either by permanently sealing them or equipping them on the inside with a locking mechanism and also protecting them by an IDS, either independently (e.g. glass break sensors) or by motion detection sensors in the space.
4. Windows will be covered with curtains, screens or otherwise limit visibility into the secure room space when classified equipment, documents or media can be viewed from outside the area.
For secure rooms or areas (*containing inspectable SIPRNet assets) check windows as follows:
1. Window placement in secure rooms should be minimal. Ideally, there should be no large or entirely glass walls; although this will not automatically result in a finding if the glass is hardened to the same degree as the contiguous walls and properly obscured from outside viewing. Where windows are located on the exterior of secure rooms (AKA: collateral classified open storage areas) the vulnerabilities, existing and potential additional countermeasures, and residual risk associated with the windows must be considered in an assessment of risk for the secure room. NOTE that a risk assessment is required for all secure rooms IAW DoD Manual 5200.01, Volume 3, Enclosure 3, paragraph 4.
2. Windows that are less than 18 feet above the ground measured from the bottom of the window, or are easily accessible by means of objects directly beneath the windows shall be constructed from or covered with materials that provide protection from forced entry. The protection provided to the windows need be no stronger than the strength of the contiguous walls. Hurricane rated windows, ballistic proof windows, non-opening double or triple pane windows, etc. should be considered acceptable as equivalent to contiguous walls. Welded steel bars attached to the structure surrounding the window may also be used for hardening windows that are not as strong as the contiguous walls (e.g. single pane glass).
3. As an alternative to hardening windows (that are not as strong as the contiguous walls) with welded steel bars; secure rooms that are located within an access controlled installation or compound may eliminate the requirement for forced entry protection if the following countermeasures are taken: All windows within 18 feet of ground level, that are capable of being opened from inside the protected space shall make the windows inoperable either by permanently sealing them or equipping them on the inside with a locking mechanism and also protecting them by an IDS, either independently (e.g. glass break sensors) or by motion detection sensors in the space.
4. Windows will be covered with curtains, screens or otherwise limit visibility into the secure room space when classified equipment, documents or media can be viewed from outside the area.
TACTICAL ENVIRONMENT: This check is applicable where secure rooms are used to protect classified materials or systems. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.
V-31272
False
IS-02.01.05
For secure rooms or areas (*containing inspectable SIPRNet assets) check windows as follows:
1. Window placement in secure rooms should be minimal. Ideally, there should be no large or entirely glass walls; although this will not automatically result in a finding if the glass is hardened to the same degree as the contiguous walls and properly obscured from outside viewing. Where windows are located on the exterior of secure rooms (AKA: collateral classified open storage areas) the vulnerabilities, existing and potential additional countermeasures, and residual risk associated with the windows must be considered in an assessment of risk for the secure room. NOTE that a risk assessment is required for all secure rooms IAW DoD Manual 5200.01, Volume 3, Enclosure 3, paragraph 4.
2. Windows that are less than 18 feet above the ground measured from the bottom of the window, or are easily accessible by means of objects directly beneath the windows shall be constructed from or covered with materials that provide protection from forced entry. The protection provided to the windows need be no stronger than the strength of the contiguous walls. Hurricane rated windows, ballistic proof windows, non-opening double or triple pane windows, etc. should be considered acceptable as equivalent to contiguous walls. Welded steel bars attached to the structure surrounding the window may also be used for hardening windows that are not as strong as the contiguous walls (e.g. single pane glass).
3. As an alternative to hardening windows (that are not as strong as the contiguous walls) with welded steel bars; secure rooms that are located within an access controlled installation or compound may eliminate the requirement for forced entry protection if the following countermeasures are taken: All windows within 18 feet of ground level, that are capable of being opened from inside the protected space shall make the windows inoperable either by permanently sealing them or equipping them on the inside with a locking mechanism and also protecting them by an IDS, either independently (e.g. glass break sensors) or by motion detection sensors in the space.
4. Windows will be covered with curtains, screens or otherwise limit visibility into the secure room space when classified equipment, documents or media can be viewed from outside the area.
TACTICAL ENVIRONMENT: This check is applicable where secure rooms are used to protect classified materials or systems. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.
M
Associated Traditional Security STIG Rules are:
Rule Title: Information Security (INFOSEC) - Secure Room Storage Standards - Intrusion Detection System (IDS), STIG ID: IS-02.01.07 Rule ID: SV-41541r3_rule Vuln ID: V-31274
Rule Title: Risk Assessment -Holistic Review (site/environment/information systems)
STIG ID: PH-02.02.01 Rule ID: SV-42878r3_rule Vuln ID: V-32541
2506