Title

The Voice Video Session Manager must fail to a secure state if system initialization fails, shutdown fails, or aborts fail. (Cat II impact)

Discussion

Failure in a known state can address safety or security in accordance with the mission needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving voice video session manager state information helps to facilitate restart and return to the operational mode of the organization with less disruption to mission-essential processes. This applies to the configuration of the functionality of the voice video session manager. Abort refers to stopping a program or function before it has finished naturally and refers to both requested and unexpected terminations. This control only applies to Committee on National Security Systems Instruction (CNSSI) 1253 high confidentiality and integrity baselines.

Check Content

Verify the Voice Video Session Manager fails to a secure state when system initialization fails, shutdown fails, or aborts fail. If the Voice Video Session Manager does not fail to a secure state if system initialization fails, shutdown fails, or aborts fail, this is a finding.

Fix Text

Configure the Voice Video Session Manager to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

Additional Identifiers

Rule ID: SV-206835r508661_rule

Vulnerability ID: V-206835

Group Title: SRG-NET-000235

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.