Check: DSN07.01
Defense Switched Network (DSN) STIG:
DSN07.01
(in versions v2 r8 through v2 r7)
Title
The Direct Inward System Access feature and/or access to Voice Mail is not controlled by either class of service, special authorization code, or PIN. (Cat III impact)
Discussion
Requirement: The IAO will ensure that either class of service, special authorization code or PIN controls access to Voice Mail services. If used, the Direct Inward System Access feature provides subscriber access to the DSN from outside facilities. Users of this feature may connect to the DSN switch from the trunk side of the system and appear to the system as a local user having access to system features. Such users can make calls on the DSN as if they are on the line side of the switch. If this feature is not controlled, risk of unauthorized access to the DSN could result in call fraud and abuse. If operationally required, this feature should be implemented with class of service, special authorization code, or PIN assigned. Additionally. Voice Mail access should be configured to require a PIN.
Check Content
Review current configuration files of effected devices to confirm compliance
Fix Text
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.
Additional Identifiers
Rule ID: SV-8427r1_rule
Vulnerability ID: V-7941
Group Title: Direct Inward System Access not controlled
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |