Protected Distribution System (PDS) Construction - Pull Box Security
An XCCDF Rule
Description
A PDS that is not constructed and configured as required could result in the undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraph 35.c. DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016 Chapter 5, Section 4, paragraphs 5-402.c. and 5-403 DoD Manual 5200.01, Volume 3, 24 February 2012, SUBJECT: DoD Information Security Program: Protection of Classified Information, Encl 4, para 3.b. and 4.a. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PE-4, SC-7, and SC-8 CNSSI No. 7003, September 2015, Protected Distribution Systems (PDS), Section VIII, paragraph 25 and Section VI - DEFINITIONS - PDS Lock.
- ID
- SV-245730r822797_rule
- Version
- CS-04.01.03
- Severity
- High
- Updated
Remediation Templates
A Manual Procedure
If pull box covers are capable of being opened and used for accessing the transmission cable, the following 6 requirements apply:
1. Box covers must not have removable hinge pins. The hinge must be hidden or mechanically blocked to prevent removal.
2. If the pull box will be accessed after installation, the pull box cover must be secured with an approved PDS lock. Multiple locks may be required for larger pull-boxes.