Check: ENTD0310
Test and Development Zone D STIG:
ENTD0310
(in versions v1 r6 through v1 r3)
Title
Remote access into the test and development environment must originate from a non-DoD operational network segment. (Cat II impact)
Discussion
If remote access is needed to access the test and development environment, it must be originated from a non-DoD operational network segment. Examples of this are a virtual machine located on government-furnished equipment used for operational tasks, or a separate physical machine sitting in a separate network segment or VLAN. Keeping direct access off the DoD operational network will reduce the risk of test and development data being leaked, potentially damaging or compromising live data.
Check Content
Determine whether remote access to the test and development environment from any DoD operational network segment has been prohibited. If no procedures exist to prohibit remote access to the test and development environment from any DoD operational network, this is a finding.
Fix Text
Prohibit remote access from DoD operational networks.
Additional Identifiers
Rule ID: SV-51537r1_rule
Vulnerability ID: V-39670
Group Title: ENTD0310 - Remote access originates from DoD operational networks.
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |