Title

An A/B switch must not be used to share a peripheral device between two or more users. (Cat II impact)

Discussion

When using an A/B switch to switch a peripheral between two or more users the risk always exists where the peripheral is connected to the wrong IS. An example would be a scanner shared between two systems using an A/B switch. If the user presses the scan button when the A/B switch is pointed to a different IS than the user intended, the document would be scanned into the wrong system. This could lead to the compromise of sensitive data. The ISSO or SA will ensure an A/B switch is not used to share a peripheral device between two or more users.

Check Content

The reviewer will interview the ISSO or SA to verify that A/B switches are not being used to share peripherals between two users. If an A/B switch is being used to share peripherals between users, this is a finding.

Fix Text

Develop a plan to remove all A/B switches that are being used to switch peripherals between two or more users and to acquire new peripherals to support documented needs. Obtain CM approval of the plan and execute the plan.

Additional Identifiers

Rule ID: SV-6979r2_rule

Vulnerability ID: V-6757

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.