Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Traditional Security Checklist
IS-02.01.10
Information Security (INFOSEC) - Secure Room Storage Standards - Four (4) Hour Random Checks in Lieu of Using Intrusion Detection System (IDS)
Information Security (INFOSEC) - Secure Room Storage Standards - Four (4) Hour Random Checks in Lieu of Using Intrusion Detection System (IDS)
An XCCDF Rule
Details
Profiles
Prose
Information Security (INFOSEC) - Secure Room Storage Standards - Four (4) Hour Random Checks in Lieu of Using Intrusion Detection System (IDS)
High Severity
<VulnDiscussion>Failure to meet standards for ensuring that there is structural integrity of the physical perimeter surrounding a secure room (AKA: collateral classified open storage area) IAW DoD Manual 5200.01, Volume 3 could result in the undetected loss or compromise of classified material. Using a physical intrusion detection system enables immediate detection of attempted and/or actual intrusion into a secure room space. This is often the best supplemental protective measure (vice using 4-hour random checks) due to providing capability for immediate detection, and for immediate response to assess and counter the threat to the secure room space. Use of 4-hour checks may be adequate if supported by a risk assessment, but will not provide the immediate detection and response capability of a properly installed IDS. It is required that a risk assessment be conducted to determine which of the two intrusion detection methods (use of IDS OR 4-hour random checks) is appropriate for any particular location. If the risk assessment results in a determination that use of 4-hour random checks is the most cost efficient supplemental control (vice IDS) to protect SIPRNet assets contained in secure rooms, the manner in which the checks are conducted can greatly impact the effectiveness of the checks. Thorough physical checks conducted on a frequent basis can reduce the time between an attempted or actual intrusion and time of discovery - during random checks. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraphs 24.j. and 34. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-4, PE-3, PE-5 and PE-6 DoD Manual 5200.01, Volume 3, SUBJECT: DoD Information Security Program: Protection of Classified Information: Enclosure 3, paragraph 3.b.(3)(a) and 4. The Information Security Oversight Office (ISOO): http://www.archives.gov/isoo/ Implementing Directive for Protection of Classified (for Executive Order 13526), 32 CFR Parts 2001 and 2003 Classified National Security Information: Subpart E - Safeguarding. paragraph 2001.40 General. (b) and paragraph 2001.43 Storage, (2) Secret. DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, paragraph 5-306. Closed Areas.; paragraph 5-307 Supplemental Protection. b. & c.; *paragraphs 8-102., 8-201. & 8-301.e. (*for risk assessment requirements)</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>