Check: SRG-NET-000510-VVEP-00041
Voice Video Endpoint SRG:
SRG-NET-000510-VVEP-00041
(in versions v2 r2 through v1 r4)
Title
The Voice Video Endpoint processing unclassified information must implement NIST FIPS-validated cryptography to generate cryptographic hashes. (Cat I impact)
Discussion
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The network element must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.
Check Content
Verify the Voice Video Endpoint processing unclassified information implements NIST FIPS-validated cryptography to generate cryptographic hashes. If the Voice Video Endpoint processing unclassified information does not implement NIST FIPS-validated cryptography to generate cryptographic hashes, this is a finding.
Fix Text
Configure the Voice Video Endpoint processing unclassified information to implement NIST FIPS-validated cryptography to generate cryptographic hashes.
Additional Identifiers
Rule ID: SV-206785r604140_rule
Vulnerability ID: V-206785
Group Title: SRG-NET-000510
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002450 |
The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. |
Controls
Number | Title |
---|---|
SC-13 |
Cryptographic Protection |