Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Traditional Security Checklist
IS-10.02.01
IS-10.02.01
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
IS-10.02.01
1 Rule
<GroupDescription></GroupDescription>
Classified Reproduction - Following guidance for System to Media Transfer of Data from systems connected specifically to the SIPRNet In-Accordance-With (IAW) US CYBERCOM CTO 10-133A.
Medium Severity
<VulnDiscussion>Failure to follow guidance for disabling removable media drives on devices connected to the SIPRNet or, if approved by the local AO, failure to follow US CYBERCOM procedures for using removable media on SIPRNet could result in the loss or compromise of classified information. REFERENCES: USCYBERCOM Communications Tasking Order (CTO) 10-133 CTO 10-004A; CTO 09-002; CTO 10-084A & CTO 10-133A CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure A, paragraph 6 and Enclosure C, paragraph 21.h. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-2, MP-4, SI-12. DODI 8500.01, SUBJECT: Cybersecurity, March 14, 2014 , Enclosure 3, paragraph 7. DOD Manual 5200.01, Volume 3, SUBJECT: DOD Information Security Program: Protection of Classified Information: Enclosure 2 paragraph 15., Enclosure 3 and Enclosure 7. DOD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter 8. NIST Special Publication 800-88, Revision 1, Guidelines for Media Sanitization, December 2014 NSA/CSS Policy Manual 9-12, 15 December 2014, Subject: NSA/CSS Storage Device Sanitization Manual CNSSP 26, National Policy on Reducing the Risk of Removable Media</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>