Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Traditional Security Checklist
PH-09.03.01
PH-09.03.01
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
PH-09.03.01
1 Rule
<GroupDescription></GroupDescription>
Physical Penetration Testing - of Facilities or Buildings Containing Information Systems (IS) Connected to the DISN
Low Severity
<VulnDiscussion>Failure to periodically test facility/building security where Information Systems (IS) connected to the DISN are present could lead to the unauthorized access of an individual into the facility with nefarious intentions to affect the Confidentiality, Integrity or Assurance of data or hardware on the IS. REFERENCES: DoD 5200.8-R Physical Security Program Chapter 2, para C2.1.3.2. C2.1.3.4. and C2.2.4. DoD Manual 5200.08 Volume 3, Physical Security Program: Access to DoD Installations, 2 January 2019 DoD 5220.22-M (NISPOM), February 2006, Incorporating Change 2, May 18, 2016 Chapter 8, paragraph 8-101.d. NIST Special Publication 800-53 (SP 800-53) Controls: CA-2, CA-8 and PE-3(6) and PE-6 CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), 9 February 2011 Encl A, para 8.b., Encl C paragraphs 6.b. 12.a. 34. DoDI 8500.01, March 14, 2014, DoD CIO, SUBJECT: Cybersecurity Encl 2, para 13.s. and Encl 3, paragraphs 3.b. & 5.c.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>