Title

Applicable security packages have not been installed on the system. (Cat II impact)

Discussion

Requirement: The IAO will ensure that all applicable security feature packages have been installed on the system to enable the required security features. In order for the requirements of this STIG to be met, a number of specific security software packages may need to be loaded on each switch. However, in most cases these packages will be part of the software load at the time of purchase and no additional steps will need to be taken. It is, however, the responsibility of the IAO to ensure that all necessary software is installed and up-to-date as dictated by the PMO in coordination with the DSN APL certifications. Without all system security software installed, all system security features cannot be configured or implemented. It is the responsibility of the ISSO/IAO to ensure that security features are available on the DSN components under their control through the application of certain software packages.

Check Content

Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.

Fix Text

Apply all required security software to the DSN components as required.

Additional Identifiers

Rule ID: SV-8422r1_rule

Vulnerability ID: V-7936

Group Title: Security packages have not been installed

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.