STIGQter: STIG Summary: Test and Development Zone D Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Oct 2018:

The test and development environment must not have access to DoD operational networks.

DISA Rule

SV-51527r1_rule

Vulnerability Number

V-39660

Group Title

ENTD0210 - Test and development environment has access to DoD operational networks.

Rule Version

ENTD0210

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Prohibit non-IA-compliant systems or devices in the test and development environment from accessing any DoD operational network or live data.

Check Contents

Determine whether there are procedures in place to prohibit non-IA-compliant systems or devices from accessing any DoD operational network. If no procedure is in place to prohibit connection to any DoD operational network by non-IA-compliant systems, this is a finding.

Vulnerability Number

V-39660

Documentable

False

Rule Version

ENTD0210

Severity Override Guidance

Determine whether there are procedures in place to prohibit non-IA-compliant systems or devices from accessing any DoD operational network. If no procedure is in place to prohibit connection to any DoD operational network by non-IA-compliant systems, this is a finding.

Check Content Reference

M

Target Key

1134

Comments