Skip to content
Log In

II - Mission Support Classified

Rules and Groups employed by this XCCDF Profile

  • CS-01.03.01

    Group
    Show

  • COMSEC Account Management - Appointment of Responsible Person

    Lack of formal designation of an individual to be responsible for COMSEC items could result in mismanagement, loss or even compromise of COMSEC materials. Additionally, lack of formal vetting for ...
    Rule Low Severity
    Show

  • CS-01.03.02

    Group
    Show

  • COMSEC Account Management - Program Management and Standards Compliance

    Recipients of NSA or Service COMSEC accounts are responsible to properly maintain the accounts. Procedures covering security, transport, handling, etc., of COMSEC must be developed to supplement re...
    Rule Low Severity
    Show

  • CS-02.02.01

    Group
    Show

  • COMSEC Training - COMSEC Custodian or Hand Receipt Holder

    Lack of appropriate training for managers of COMSEC accounts could result in the mismanagement of COMSEC records and inadequate physical protection and ultimately lead to the loss or compromise of ...
    Rule Medium Severity
    Show

  • CS-02.02.02

    Group
    Show

  • COMSEC Training - COMSEC User

    Failure to properly brief COMSEC users could result in the loss of cryptologic devices or key, or the compromise of classified information. REFERENCES: DOD Manual 5200.01, Volume 1, 24 February ...
    Rule Medium Severity
    Show

  • CS-03.01.01

    Group
    Show

  • Classified Transmission - Electronic Means using Cryptographic System Authorized by the Director, NSA

    Failure to properly encrypt classified data in transit can lead to the loss or compromise of classified or sensitive information. REFERENCES: DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 Ma...
    Rule High Severity
    Show

  • CS-04.01.01

    Group
    Show

  • Protected Distribution System (PDS) Construction - Point of Presence (PoP) and Terminal Equipment Protection. This requirement concerns security of both the starting and ending points for PDS within proper physically protected and access controlled environments.

    A PDS that is not constructed and physically protected as required could result in the covert or undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURAN...
    Rule High Severity
    Show

  • CS-04.01.02

    Group
    Show

  • Protected Distribution System (PDS) Construction - Hardened Carrier

    A PDS that is not constructed and configured as required could result in the undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT ...
    Rule High Severity
    Show

  • CS-04.01.03

    Group
    Show

  • Protected Distribution System (PDS) Construction - Pull Box Security

    A PDS that is not constructed and configured as required could result in the undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORM...
    Rule High Severity
    Show

  • CS-04.01.04

    Group
    Show

  • Protected Distribution System (PDS) Construction - Buried PDS Carrier

    Buried carriers are normally used to extend a PDS between CAAs that are located in different buildings. As with other Category 2 PDS the unencrypted data cables must be installed in a carrier. A PD...
    Rule High Severity
    Show

  • CS-04.01.05

    Group
    Show

  • Protected Distribution System (PDS) Construction - External Suspended PDS

    Suspended carriers (Exterior PDS) are a Category 2 PDS option used to extend a PDS between Controlled Access Areas (CAAs) that are located in different buildings. Suspended carriers may be used fo...
    Rule High Severity
    Show

  • CS-04.01.06

    Group
    Show

  • Protected Distribution System (PDS) Construction - Continuously Viewed Carrier

    A PDS that is not constructed and configured as required could result in the undetected interception of classified information. A continuously viewed PDS may not be in a physically hardened carrie...
    Rule High Severity
    Show

  • CS-04.01.07

    Group
    Show

  • Protected Distribution System (PDS) Construction - Tactical Environment Application

    A PDS that is not constructed and configured as required could result in the undetected interception of classified information. Within mobile tactical situations a hardened carrier is not possible ...
    Rule High Severity
    Show

  • CS-04.01.08

    Group
    Show

  • Protected Distribution System (PDS) Construction - Alarmed Carrier

    A PDS that is not constructed and configured as required could result in the covert or undetected interception of classified information. An Alarmed Carrier is one of five types of Category 2 PDS....
    Rule High Severity
    Show

  • CS-04.02.01

    Group
    Show

  • Protected Distribution System (PDS) Construction - Visible for Inspection and Marked

    A PDS that is not completely visible for inspection and easily identified cannot be properly inspected and monitored as required, which could result in undetected access, sabotage or tampering of t...
    Rule Medium Severity
    Show

  • CS-04.02.02

    Group
    Show

  • Protected Distribution System (PDS) Construction - Sealed Joints

    A PDS that is not constructed and sealed as required could result in the undetected interception of classified information. Sealing of joints is necessary to ensure that daily visual inspections o...
    Rule Medium Severity
    Show

  • CS-05.03.01

    Group
    Show

  • Protected Distribution System (PDS) Documentation - Signed Approval

    A PDS that is not approved could cause an Information System Security Manager (ISSM), Authorizing Official (AO) and other concerned managerial personnel to not be fully aware of all vulnerabilities...
    Rule Low Severity
    Show

  • CS-05.03.02

    Group
    Show

  • Protected Distribution System (PDS) Documentation - Request for Approval Documentation

    A PDS that is not approved could cause an Information System Security Manager (ISSM), Authorizing Official (AO) and other concerned managerial personnel to not be fully aware of all vulnerabilities...
    Rule Low Severity
    Show

  • CS-06.02.01

    Group
    Show

  • Protected Distribution System (PDS) Monitoring - Daily (Visual) Checks

    A PDS that is not inspected, monitored and maintained as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the los...
    Rule Medium Severity
    Show

  • CS-06.02.02

    Group
    Show

  • Protected Distribution System (PDS) Monitoring - Reporting Incidents

    A PDS that is not inspected, monitored and maintained as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the los...
    Rule Medium Severity
    Show

  • CS-06.03.01

    Group
    Show

  • Protected Distribution System (PDS) Monitoring - Technical Inspections

    A PDS that is not inspected, monitored and maintained as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the los...
    Rule Low Severity
    Show

  • CS-06.03.02

    Group
    Show

  • Protected Distribution System (PDS) Monitoring - Initial Inspection

    A PDS that is not inspected, monitored and maintained as required could result in undetected access, sabotage or tampering of the unencrypted transmission lines. This could directly lead to the los...
    Rule Low Severity
    Show

  • EC-01.02.01

    Group
    Show

  • Environmental IA Controls - Emergency Power Shut-Off (EPO)

    A lack of an emergency shut-off switch or a master power switch for electricity to IT equipment could cause damage to the equipment or injury to personnel during an emergency. REFERENCES: DOD 522...
    Rule Medium Severity
    Show

  • EC-02.02.01

    Group
    Show

  • Environmental IA Controls - Emergency Lighting and Exits - Properly Installed

    Lack of automatic emergency lighting and exits can cause injury and/or death to employees and emergency responders. Lack of automatic emergency lighting can also cause a disruption in service. REF...
    Rule Medium Severity
    Show

  • EC-02.03.01

    Group
    Show

  • Environmental IA Controls - Emergency Lighting and Exits - Documentation and Testing

    Lack of automatic emergency lighting can cause injury and/or death to employees and emergency responders. Lack of automatic emergency lighting can cause a disruption in service. REFERENCES: DoD 5...
    Rule Low Severity
    Show

  • EC-03.03.01

    Group
    Show

  • Environmental IA Controls - Voltage Control (power)

    Failure to use automatic voltage control can result in damage to the IT equipment creating a service outage. REFERENCES: DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016 Chapter 5, Sec...
    Rule Low Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules