Title

Tamper evident seals must be attached to the A/B switch and all IS cables at their attachment points for A/B switches attached to devices or ISs that have different classification levels. (Cat II impact)

Discussion

Without the presences of tamper evident seals the A/B switch or its connections can be tampered with and the tampering will go undetected. This can lead to the compromise of sensitive data or the compromise of an IS. When an A/B switch is attached to ISs of different classification levels, the ISSO or SA will ensure tamper evident seals are attached to the A/B switch and all IS cables at their attachment points.

Check Content

The reviewer will, for an A/B switch attached to devices or ISs which are at different classification levels, view the A/B switch to verify tamper evident seals are attached to the A/B switch and all IS cables at their attachment points. If tamper evident seals are not attached to the A/B switch and all IS cables at their attachment points, this is a finding.

Fix Text

For an A/B switch attached to devices or ISs which are at different classification levels, attach tamper evident seals. NSA IAD Protective Technologies has tamper evident products available for use, including seals for RJ45, D-sub, and USB ports. These can be obtained by contacting them either on NIPRNet at ptproducts@radium.ncsc.mil or on SIPRNet at ptproducts@nsa.smil.mil. When ordering, please specify that this is for use on a DoD Information System and the government use version is needed.

Additional Identifiers

Rule ID: SV-6982r3_rule

Vulnerability ID: V-6760

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.