STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019: STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:SV-7030r1_rule
V-6805
MFD Hard Drive Lock
MFD08.001
CAT II
10
If the lock is not locked, lock it.
If there is no lock see if the vendor makes one and if so acquire it an lock the drive.
If the vendor does not supply a lock, acquire an aftermarket lock that will secure the drive so that it cannot be accessed. Even a drive that cannot be removed but the connectors can be removed is vulnerable.
The reviewer will, with the assistance of the SA, verify that the device has a mechanism to lock and prevent access to the hard disk.
What we are looking for here is a locking mechanism with a key securing the hard drive or the case access to the hard drive. The lock will be locked or this is a finding.
Note: This is not required if physical security measures are in place, if the drive is not easily removable, if drive is encrypted, or if there is zeroization or other strong protection mechanism.
V-6805
False
MFD08.001
The reviewer will, with the assistance of the SA, verify that the device has a mechanism to lock and prevent access to the hard disk.
What we are looking for here is a locking mechanism with a key securing the hard drive or the case access to the hard drive. The lock will be locked or this is a finding.
Note: This is not required if physical security measures are in place, if the drive is not easily removable, if drive is encrypted, or if there is zeroization or other strong protection mechanism.
M
Information Assurance Officer
551