II - Mission Support Sensitive
Rules and Groups employed by this XCCDF Profile
-
CS-01.03.01
Group -
COMSEC Account Management - Appointment of Responsible Person
Lack of formal designation of an individual to be responsible for COMSEC items could result in mismanagement, loss or even compromise of COMSEC materials. Additionally, lack of formal vetting for ...Rule Low Severity -
CS-01.03.02
Group -
COMSEC Account Management - Program Management and Standards Compliance
Recipients of NSA or Service COMSEC accounts are responsible to properly maintain the accounts. Procedures covering security, transport, handling, etc., of COMSEC must be developed to supplement re...Rule Low Severity -
CS-02.02.01
Group -
COMSEC Training - COMSEC Custodian or Hand Receipt Holder
Lack of appropriate training for managers of COMSEC accounts could result in the mismanagement of COMSEC records and inadequate physical protection and ultimately lead to the loss or compromise of ...Rule Medium Severity -
CS-02.02.02
Group -
COMSEC Training - COMSEC User
Failure to properly brief COMSEC users could result in the loss of cryptologic devices or key, or the compromise of classified information. REFERENCES: DOD Manual 5200.01, Volume 1, 24 February ...Rule Medium Severity -
CS-03.01.01
Group -
Classified Transmission - Electronic Means using Cryptographic System Authorized by the Director, NSA
Failure to properly encrypt classified data in transit can lead to the loss or compromise of classified or sensitive information. REFERENCES: DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 Ma...Rule High Severity -
CS-04.01.01
Group -
Protected Distribution System (PDS) Construction - Point of Presence (PoP) and Terminal Equipment Protection. This requirement concerns security of both the starting and ending points for PDS within proper physically protected and access controlled environments.
A PDS that is not constructed and physically protected as required could result in the covert or undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURAN...Rule High Severity -
CS-04.01.02
Group -
Protected Distribution System (PDS) Construction - Hardened Carrier
A PDS that is not constructed and configured as required could result in the undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT ...Rule High Severity -
CS-04.01.03
Group -
Protected Distribution System (PDS) Construction - Pull Box Security
A PDS that is not constructed and configured as required could result in the undetected interception of classified information. REFERENCES: CJCSI 6510.01F, INFORM...Rule High Severity -
CS-04.01.04
Group -
Protected Distribution System (PDS) Construction - Buried PDS Carrier
Buried carriers are normally used to extend a PDS between CAAs that are located in different buildings. As with other Category 2 PDS the unencrypted data cables must be installed in a carrier. A PD...Rule High Severity -
CS-04.01.05
Group -
Protected Distribution System (PDS) Construction - External Suspended PDS
Suspended carriers (Exterior PDS) are a Category 2 PDS option used to extend a PDS between Controlled Access Areas (CAAs) that are located in different buildings. Suspended carriers may be used fo...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.