ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Active Directory Checklist, V1R1.2 Field Security Operations<br />
22 September 2006 Defense Information Systems Agency<br />
DS10.0350 Trust Relationship INFOCON Procedures<br />
STIG ID \ V-Key DS10.0350 \ V0008526<br />
Severity Cat III<br />
Short Name Trust Relationship INFOCON Procedures<br />
IA Controls VIIR-1, VIIR-2<br />
MAC /Conf 1-CSP, 2-CSP, 3-CSP<br />
References AD STIG 2.3.7<br />
Strategic Command Directive (SD) 527-1<br />
Long Name: AD trust relationships have not been evaluated with respect to possible<br />
INFOCON procedures.<br />
Checks:<br />
• Interview the IAO.<br />
• Refer to the list of actual trusts obtained in check DS10.0100.<br />
*Note* - Check DS10.0100 (V0008530) is a manual check located in Section 5,<br />
Manual Check Procedures.<br />
• If there are no external, forest, or realm AD trust relationships, this check is Not<br />
Applicable.<br />
• Obtain a copy of the site’s supplemental INFOCON procedures as required by<br />
Strategic Command Directive (SD) 527-1.<br />
• Verify that it has been determined by the IAM whether INFOCON response<br />
actions are to include procedures to disable external, forest, or realm AD trust<br />
relationships.<br />
- The object is to determine if the need has been explicitly evaluated.<br />
• If it has been determined that actions to disable AD trust relationships *are not*<br />
required, then this check is Not Applicable.<br />
• If it has been determined that actions to disable AD trust relationships *are*<br />
required, verify that the policy to implement these actions has been documented.<br />
• If actions to disable AD trust relationships *are* required and no policy has been<br />
documented, then this is a Finding.<br />
UNCLASSIFIED<br />
3-9