Title

Input or output devices including, but not limited to, scanners, printers, or plotters must not be attached to an A/B switches that spans classification levels. (Cat I impact)

Discussion

Input devices attached to A/B switches that are in turn attached to ISs of different classification levels could input data to the wrong IS compromising sensitive or classified data and/or the IS involved. Output from output devices attached to A/B switches that are in turn attached to ISs of different classification levels could be picked up by an individual other than the one the data was intended, leading to a compromise of sensitive or classified data. The ISSO will ensure input and output devices including but not limited to scanners, printers, or plotters are not attached to A/B switches that span classification levels.

Check Content

The reviewer will view the A/B switch to verify input and output devices including, but not limited to, scanners, printers, or plotters are not attached to an A/B switch that spans classification levels. If input and output devices are attached to an A/B switch that spans classification levels, this is a finding.

Fix Text

Remove the A/B switch attached to ISs of different classification levels and an input or output peripheral.

Additional Identifiers

Rule ID: SV-6985r2_rule

Vulnerability ID: V-6763

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.