Protected Distribution System (PDS) Monitoring - Technical Inspections
An XCCDF Rule
Description
<VulnDiscussion>A PDS that is not inspected, monitored and maintained as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the loss or compromise of classified. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraph 35.c. DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016 Chapter 5, Section 4, paragraphs 5-402.c. and 5-403 DoD Manual 5200.01, Volume 3, 24 February 2012, SUBJECT: DoD Information Security Program: Protection of Classified Information, Encl 4, para 3.b. and 4.a. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PE-4, SC-7, SC-8, IR-4, IR-6, and PE-19 CNSSI No. 7003, September 2015, Protected Distribution Systems (PDS), Section XI, paragraph 34. and Table 4. PDS Technical Inspection Schedule.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-245742r822809_rule
- Severity
- Low
- Updated
Remediation - Manual Procedure
Correction of this finding can only be made by complete compliance with all the following CNSSI 7003 requirements:
1. Technical inspections of PDS must be conducted at least one or more times annually IAW Table 4. PDS Technical Inspection Schedule, of the CNSSI 7003.
2. Checks and results must be documented and retained on file for a minimum of one year - or longer if required by the AO.