Traditional Security Checklist

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Storage/Handling of Classified Documents, Media, Equipment - must be under continuous personal protection and control of an authorized (cleared) individual OR guarded or stored in an approved locked security container (safe), vault, secure room, collateral classified open storage area or SCIF.

    <VulnDiscussion>Failure to store classified in an approved container OR to properly protect classified when removed from storage can lead to ...
    Rule High Severity
  • IS-06.03.01

    <GroupDescription></GroupDescription>
    Group
  • Non-Disclosure Agreement - Standard Form 312: no person may have access to classified information unless that person has a security clearance in accordance with DODM 5200.02 and has signed a Standard Form (SF) 312, Classified Information Non-Disclosure Agreement (NDA), and access is essential to the accomplishment of a lawful and authorized Government function (i.e., has a need to know).

    <VulnDiscussion>Failure to verify clearance and need-to-know and execute a nondisclosure agreement (NDA) before granting access to classified...
    Rule Low Severity
  • IS-07.03.01

    <GroupDescription></GroupDescription>
    Group
  • Handling of Classified Documents, Media, Equipment - Written Procedures and Training for when classified material/equipment is removed from a security container and/or secure room.

    <VulnDiscussion>Failure to develop procedures and to train employees on protection of classified when removed from storage could lead to the ...
    Rule Low Severity
  • IS-07.03.02

    <GroupDescription></GroupDescription>
    Group
  • Handling of Classified - Use of Cover Sheets on Documents Removed from Secure Storage

    <VulnDiscussion>Failure to protect readable classified information printed from classified systems such as SIPRNet when removed from secure s...
    Rule Low Severity
  • IS-08.01.01

    <GroupDescription></GroupDescription>
    Group
  • Classified Monitors/Displays (Physical Control of Classified Monitors From Unauthorized Viewing)

    <VulnDiscussion>Failure to limit access to unauthorized personnel to information displayed on classified monitors/displays can result in the ...
    Rule High Severity
  • IS-08.01.02

    <GroupDescription></GroupDescription>
    Group
