STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020

End-of-Day Checks - Organizations that process or store classified information must establish a system of security checks at the close of each duty and/or business day to ensure that any area where classified information is used or stored is secure. SF 701, Activity Security Checklist, shall be used to record such checks.

DISA Rule

SV-42293r3_rule

Vulnerability Number

V-31994

Group Title

End-of-Day Checks

Rule Version

IS-09.02.01

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Ensure that areas where classified information is processed or stored have an established system of security checks implemented at the close of each duty and/or business day to ensure that any area where classified information is used or stored is secure. SF 701, “Activity Security Checklist,” must be used to record these checks.

In addition to the SF 701, the responsible site or organization should have a written procedure to outline the end-of-day check process and to guide checkers with their duties. For instance, the procedure should include instructions on how to handle any classified information that is found outside of proper storage.

An integral part of the security check system must incorporate the securing of all vaults, secure rooms, and containers used for storing classified material. SF 702, “Security Container Check Sheet,” must be used to record each opening, closing, and verification checks of these storage mediums.

Area verification checks will be recorded on the SF 701 upon completion of end-of-day checks. Following are recommended end-of-day checks, which should be included on the SF 701, but ultimately the checks must be tailored to fit the physical configuration and mission of the site:
a. Activation of Intrusion Detection System (IDS) alarm sensors where applicable.
b. All classified material has been properly stored.
c. Removal of CAC Cards and SIPRNet tokens from workstations.
d. All windows, doors or other openings are properly secured.
e. Verification of lock box closure for SIPRNet wall jacks and PDS lines, where applicable.
f. Additional checks such as turning off of coffee pots and lights, power-off of printers/MFDs, securing of STE keys, etc. can be identified and accomplished as part of the check.
g. The SF 701, Activity Security Checklist, shall be used to record these checks, to include after hours, weekend and holiday activities.

Results of end-of-day checks (SF 701 forms) should be retained for at least 30 days (or otherwise as required by Component records management schedules) after completion of the monthly form to ensure availability for audits and resolution of subsequent discovery of security incidents or discrepancies. While 24/7 operational areas storing classified materials do not necessarily require end-of-day (EOD) checks, it is highly recommended that a system of checks be instituted (similar to EOD checks) upon each change of shift. Such checks, jointly conducted by incoming and outgoing supervisors, can be used to verify the integrity of safes and classified equipment/materials under their control and can be used to narrow the window of time for a preliminary inquiry should a security incident occur.

Check Contents

Organizations that process or store classified information must establish a system of security checks at the close of each duty and/or business day to ensure that any area where classified information is used or stored is secure. SF 701, “Activity Security Checklist,” shall be used to record such checks. An integral part of the security check system shall be the securing of all vaults, secure rooms, and containers used for storing classified material. SF 702, “Security Container Check Sheet,” shall be used to record each opening, closing, and verification checks of these storage mediums. Area verification checks will be recorded on the SF 701 upon completion of end-of-day checks. Recommended end-of-day checks, which should be included on the SF 701, are:
a. Activation of Intrusion Detection System (IDS) alarm sensors where applicable.
b. All classified material has been properly stored.
c. Removal of CAC Cards and SIPRNet tokens from workstations.
d. All windows, doors or other openings are properly secured.
e. Verification of lock box closure for SIPRNet wall jacks and PDS lines, where applicable.
f. Additional checks such as turning off of coffee pots and lights, power-off of printers/MFDs, securing of STE keys, etc. can be identified and accomplished as part of the check.
g. The SF 701, Activity Security Checklist, shall be used to record these checks, to include after hours, weekend and holiday activities.

Results of end-of-day checks (SF 701 forms) should be retained for at least 30 days after completion of the monthly form (or otherwise as required by Component records management schedules) to ensure availability for audits and resolution of subsequent discovery of security incidents or discrepancies.

TACTICAL ENVIRONMENT: This check is applicable in a fixed operational facility in a tactical environment if classified equipment is used or documents or media are created/extracted from the SIPRNet. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.

Documentable

False

Severity Override Guidance

Organizations that process or store classified information must establish a system of security checks at the close of each duty and/or business day to ensure that any area where classified information is used or stored is secure. SF 701, “Activity Security Checklist,” shall be used to record such checks. An integral part of the security check system shall be the securing of all vaults, secure rooms, and containers used for storing classified material. SF 702, “Security Container Check Sheet,” shall be used to record each opening, closing, and verification checks of these storage mediums. Area verification checks will be recorded on the SF 701 upon completion of end-of-day checks. Recommended end-of-day checks, which should be included on the SF 701, are:
a. Activation of Intrusion Detection System (IDS) alarm sensors where applicable.
b. All classified material has been properly stored.
c. Removal of CAC Cards and SIPRNet tokens from workstations.
d. All windows, doors or other openings are properly secured.
e. Verification of lock box closure for SIPRNet wall jacks and PDS lines, where applicable.
f. Additional checks such as turning off of coffee pots and lights, power-off of printers/MFDs, securing of STE keys, etc. can be identified and accomplished as part of the check.
g. The SF 701, Activity Security Checklist, shall be used to record these checks, to include after hours, weekend and holiday activities.

Results of end-of-day checks (SF 701 forms) should be retained for at least 30 days after completion of the monthly form (or otherwise as required by Component records management schedules) to ensure availability for audits and resolution of subsequent discovery of security incidents or discrepancies.

TACTICAL ENVIRONMENT: This check is applicable in a fixed operational facility in a tactical environment if classified equipment is used or documents or media are created/extracted from the SIPRNet. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.

Check Content Reference

M

Target Key

2506

Comments