Title

Application development must not occur on DoD operational network segments. (Cat II impact)

Discussion

To reduce the risk of compromise of DoD operational networks and data, application and system development needs to be limited to systems within a network segment designated for development only.

Check Content

Review the organization's network diagrams to determine whether network segments for development have been established and outlined in the documentation. If application development occurs on DoD operational networks, this is a finding. If there isn't any application development occurring in the zone environment, this requirement is not applicable.

Fix Text

Designate network segments for applications and systems development. Document these designated network segments in the network diagrams for the T&D environment.

Additional Identifiers

Rule ID: SV-51294r1_rule

Vulnerability ID: V-39436

Group Title: ENTD0060 - Development on operational network segments.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.