STIGQter: STIG Summary: Test and Development Zone B Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Oct 2018:

Application development must not occur on DoD operational network segments.

DISA Rule

SV-51294r1_rule

Vulnerability Number

V-39436

Group Title

ENTD0060 - Development on operational network segments.

Rule Version

ENTD0060

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Designate network segments for applications and systems development. Document these designated network segments in the network diagrams for the T&D environment.

Check Contents

Review the organization's network diagrams to determine whether network segments for development have been established and outlined in the documentation. If application development occurs on DoD operational networks, this is a finding.

If there isn't any application development occurring in the zone environment, this requirement is not applicable.

Vulnerability Number

V-39436

Documentable

False

Rule Version

ENTD0060

Severity Override Guidance

Review the organization's network diagrams to determine whether network segments for development have been established and outlined in the documentation. If application development occurs on DoD operational networks, this is a finding.

If there isn't any application development occurring in the zone environment, this requirement is not applicable.

Check Content Reference

M

Target Key

1132

Comments