Traditional Security Checklist
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Vault/Secure Room Storage Standards - Intrusion Detection System and Automated Entry Control System (IDS/AECS) Component Tamper Protection
<VulnDiscussion>Failure to tamper protect IDS/AECS component enclosures and access points external to protected vaults/secure rooms space cou...Rule Medium Severity -
IS-02.02.07
<GroupDescription></GroupDescription>Group -
Vault/Secure Room Storage Standards - Primary IDS Monitoring Location Outside the Monitored Space
<VulnDiscussion>Failure to locate the alarm monitoring station at an external location; at a safe distance from the space being monitored, to...Rule Medium Severity -
IS-02.02.08
<GroupDescription></GroupDescription>Group -
Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Keypad Device Protection: Keypad devices designed or installed in a manner that an unauthorized person in the immediate vicinity cannot observe the selection of input numbers.
<VulnDiscussion>If someone were to successfully observe an authorized user's selection of numbers for their PIN at an entrance to a classifie...Rule Low Severity -
IS-03.02.01
<GroupDescription></GroupDescription>Group -
Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Records Maintenance, which includes documented procedures for granting and removal of access.
<VulnDiscussion>Failure to document procedures for removal of access and inadequate maintenance of access records for both active and removed...Rule Medium Severity -
IS-02.02.09
<GroupDescription></GroupDescription>Group -
Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Transmission Line Security: AECS Transmission lines traversing an uncontrolled area (not within at least a Secret Controlled Access Area (CAA) ) shall use line supervision OR Electrical, mechanical, or electromechanical access control devices, which do not constitute an AECS that are used to control access during duty hours must have all electrical components, that traverse outside minimally a Secret Controlled Access Area (CAA), secured within conduit.
<VulnDiscussion>Persons not vetted to at least the same level of classification residing on the information systems being protected by the AE...Rule Medium Severity -
IS-02.02.10
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.