Title

Attendant console ports are available to unauthorized users by not allowing any instrument other than the Attendant console to connect to the Attendant console port. (Cat III impact)

Discussion

Requirement: The IAO will ensure that attendant console ports will not be available to unauthorized users by not allowing any instrument other than the attendant console to connect to the attendant console port. Additionally the attendant console shall not be able to connect to a regular instrument port. Attendant console ports provide privileged access to switch features not normally provided to the normal subscriber community. This type of access to unauthorized users or subscribers can result in disruption of calls processing, calls monitoring, or unauthorized class of service. Positive control of attendant consoles and ports must be enforced to mitigate these types of vulnerabilities.

Check Content

Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.

Fix Text

Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.

Additional Identifiers

Rule ID: SV-8420r1_rule

Vulnerability ID: V-7934

Group Title: Attendant ports available to unauthorized users

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.