Overall OCA Score
USNS MONTFORD POINT (T-ESD-1)
Overall Assessment
Minimal Concern
Combined Weighted Score: 1.7%
ACAS Vulnerability Scan
No Downgrade
11.17 VPH
(2 hosts)
18
Assessment Areas
1 / 0
Mapped Areas / Unmapped Hostnames
CAT I (Weight: 10)
0 / 68
Open / Total
0.0%
open rate
CAT II (Weight: 4)
74 / 1298
Open / Total
5.7%
open rate
CAT III (Weight: 1)
3 / 92
Open / Total
3.3%
open rate
Percentages shown in score cards are open rates (`Open / Total`). Closed/compliance rate is `100% - open rate`.
Assessment Area Breakdown
Scores by OCA assessment area
| Assessment Area | Hosts | CAT I | CAT II | CAT III | Weighted Score | Concern Level |
|---|---|---|---|---|---|---|
|
Boundary Security
Firewalls, DMZ, perimeter security
|
- |
-
|
-
|
-
|
- | N/A |
|
Internal Network
Internal network switches, routers, VLANs
|
- |
-
|
-
|
-
|
- | N/A |
|
Combined Vulnerability Scan
ACAS/Nessus vulnerability scan results
|
- |
-
|
-
|
-
|
- | N/A |
|
Domain Name System
DNS servers and configuration
|
- |
-
|
-
|
-
|
- | N/A |
|
Host Based Security System
HBSS/Trellix endpoint security
|
- |
-
|
-
|
-
|
- | N/A |
|
Traditional Security
Physical security, access control
|
- |
-
|
-
|
-
|
- | N/A |
|
Wireless Communications/Mobility
WiFi, mobile devices
|
- |
-
|
-
|
-
|
- | N/A |
|
Cross Domain Solutions - Admin
CDS administrative controls
|
- |
-
|
-
|
-
|
- | N/A |
|
Cross Domain Solutions - Technical
CDS technical implementation
|
- |
-
|
-
|
-
|
- | N/A |
|
Exchange
Microsoft Exchange email servers
|
- |
-
|
-
|
-
|
- | N/A |
|
Web Server
IIS, Apache, web applications
|
- |
-
|
-
|
-
|
- | N/A |
|
Database
SQL Server, Oracle, database security
|
- |
-
|
-
|
-
|
- | N/A |
|
Video and Voice Over Internet Protocol (VVOIP)
VoIP phones, video conferencing
|
- |
-
|
-
|
-
|
- | N/A |
|
Windows OS
MONT-SW-89108, MONT-SW-89134
|
2 |
0/68
0%
|
74/1298
6%
|
3/92
3%
|
1.7% | Minimal Concern |
|
Unix OS
Linux, Unix, macOS systems
|
- |
-
|
-
|
-
|
- | N/A |
|
Releaseable Networks
Networks for coalition/external use
|
- |
-
|
-
|
-
|
- | N/A |
|
Virtual Environment
VMware, Hyper-V, containers
|
- |
-
|
-
|
-
|
- | N/A |
|
Other Review
Uncategorized or specialized systems
|
- |
-
|
-
|
-
|
- | N/A |
Concern Level Thresholds
ACAS Vulnerability Scans (VPH)
No Downgrade
≥ 4.5 VPH
Critical
≥ 3.5 VPH
Moderate
≥ 2.5 VPH
Minor
> 0 VPH
Minimal
0 CAT I, < 1.25 VPH
No Concern
0 VPH
VPH = Open Findings / Hosts Scanned. Combined = (CAT I VPH × 10 + CAT II VPH × 4 + CAT III VPH × 1) / 15
STIG Checklists (Open Rate)
No Downgrade
≥ 30%
Critical
≥ 20%
Moderate
≥ 10%
Minor
> 0%
Minimal
0 CAT I, < 5%
No Concern
0%
Weighted score = (CAT I % × 10 + CAT II % × 4 + CAT III % × 1) / 15
CAT percentages in STIG areas are open-rate percentages (`Open / Total`), not inverse percentages.