V-245850
Traditional Security Checklist
Title
Controlled Unclassified Information - Marking/Labeling Media within Unclassified Environments (Not Mixed with Classified)
Description
<VulnDiscussion>Failure to mark CUI in an approved manner can result in the loss or compromise of sensitive information. REFERENCES: Executive Order 13556, Controlled Unclassified Information (CUI) The Information Security Oversight Office (ISOO): https://www.archives.gov/cui CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND); Enclosure A, paragraph 6.a. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-3. DODI 5200.48 Controlled Unclass...
Fix Text (Documentation Requirement)
General Information: This fix is only for unclassified/sensitive media being used in a strictly unclassified physical environment. If all Controlled Unclassified Information (CUI) media are in a mixed environment where classified systems and media are in use, then STIG ID IS-03.02.01. applies and this potential vulnerability is NA. Ensure the following standard is met: Regardless of media type, the requirement to identify as clearly as possible the information requiring protection remains. Therefore ensure that all unclassified media containing CUI is properly marked according to content. Where it is not feasible to include markings with all of the information required for classified or sensitive documents or media, an explanatory statement that provides the required information shall...