STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Enterprise Voice, Video, and Messaging Policy Security Requirements Guide

V-259894

CAT II (Medium)

An IP-based VTC system implementing a single CODEC that supports conferences on multiple networks with different classification levels (i.e., unclassified, SECRET, TOP SECRET, TS-SCI) must support Periods Processing sanitization by purging/clearing volatile memory within the CODEC by powering the CODEC off for a minimum of 60 seconds.

Rule ID

SV-259894r1173865_rule

STIG

Enterprise Voice, Video, and Messaging Policy Security Requirements Guide

Version

V1R4

CCIs

CCI-002204, CCI-000366

Discussion

Volatile memory requires power to maintain the stored information. It retains its contents while powered, but when power is interrupted, stored data is immediately lost. Dynamic random-access memory (DRAM) is a type of random-access memory that stores each bit of data in a separate capacitor within an integrated circuit. Because capacitors leak charge, data fades unless the capacitor charge is refreshed periodically. Static random-access memory (SRAM) has a different configuration from DRAM, which allows it to retain data longer when power is no longer applied (data remanence). Powering off the CODEC for 60 seconds is sufficient to discharge the capacitors and erase all data.

Check Content

Observe the operation of the VTC system as it transitions between networks. 

Verify that the CODEC is powered off for a minimum of 60 seconds during the transition. 

If it is not, this is a finding.

Fix Text

Sanitize volatile memory by disconnection of all power for at least 60 seconds.