STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:

Unencrypted and unsigned VVoIP endpoint configuration files traversing the DISN must be protected within a VPN between enclaves.

DISA Rule

SV-60629r1_rule

Vulnerability Number

V-47753

Group Title

VVoIP 1415

Rule Version

VVoIP 1415 (GENERAL)

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the VVoIP endpoint configuration files traversing the DISN to be protected within a VPN secured using FIPS 140-2 or NSA approved encryption between enclaves.

Check Contents

Interview the IAO to confirm compliance with the following requirement:
Verify VVoIP endpoint configuration files traversing the DISN must be protected within a VPN secured using FIPS 140-2 or NSA approved encryption between enclaves. The reviewer may downgrade to CAT 3 when vendor provided PKI or x.509 certs are used rather than DoD PKI certificates.

NOTE: This requirement is not applicable to systems that use Cisco TFTP.

Vulnerability Number

V-47753

Documentable

False

Rule Version

VVoIP 1415 (GENERAL)

Severity Override Guidance

Interview the IAO to confirm compliance with the following requirement:
Verify VVoIP endpoint configuration files traversing the DISN must be protected within a VPN secured using FIPS 140-2 or NSA approved encryption between enclaves. The reviewer may downgrade to CAT 3 when vendor provided PKI or x.509 certs are used rather than DoD PKI certificates.

NOTE: This requirement is not applicable to systems that use Cisco TFTP.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

594

Comments