Multifunction Device and Network Printers STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
MFD/Printer Security Policy
<GroupDescription></GroupDescription>Group -
Implementation of an MFD and printer security policy for the protection of classified information.
<VulnDiscussion>Department of Defense Manual 5200.01, "Protection of Classified Information" provides policy, assigns responsibilities, and p...Rule Low Severity -
MFD Level of Audit and Reviewing
<GroupDescription></GroupDescription>Group -
The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed.
<VulnDiscussion>If inadequate information is captured in the audit, the identification and prosecution of malicious user will be very difficu...Rule Low Severity -
MFD Classified Network
<GroupDescription></GroupDescription>Group -
MFDs with print, copy, scan, or fax capabilities must be prohibited on classified networks without the approval of the DAA.
<VulnDiscussion>MFDs with print, copy, scan, or fax capabilities, if compromised, could lead to the compromise of classified data or the comp...Rule High Severity -
MFD Clearing Disk Space Scan to Disk
<GroupDescription></GroupDescription>Group -
A MFD device, with scan to hard disk functionality used, is not configured to clear the hard disk between jobs.
<VulnDiscussion>If the MFD is compromised the un-cleared, previously used, space on the hard disk drive can be read which can lead to a compr...Rule Medium Severity -
MFD Scan Discretionary Access Control
<GroupDescription></GroupDescription>Group -
Scan to a file share is enabled but the file shares do not have the appropriate discretionary access control list in place.
<VulnDiscussion>Without appropriate discretionary access controls unauthorized individuals may read the scanned data. This can lead to a com...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.