Semantic D3FEND Mappings to DISA Common Control Index (CCI)

The D3FEND team created this mapping in order to help users navigate between the two data sets.

Download in CSV, TSV, JSON-LD.
CatalogControlRelationDefensive TechniqueTechniqueCCI Definition
CCI Catalog v2022-04-05CCI-000015broaderAccount LockingAccount LockingThe organization employs automated mechanisms to support the information system account management functions.
CCI Catalog v2022-04-05CCI-000015broaderDomain Account MonitoringDomain Account MonitoringThe organization employs automated mechanisms to support the information system account management functions.
CCI Catalog v2022-04-05CCI-000015broaderLocal Account MonitoringLocal Account MonitoringThe organization employs automated mechanisms to support the information system account management functions.
CCI Catalog v2022-04-05CCI-000016narrowerAccount LockingAccount LockingThe information system automatically removes or disables temporary accounts after an organization-defined time period for each type of account.
CCI Catalog v2022-04-05CCI-000017narrowerAccount LockingAccount LockingThe information system automatically disables inactive accounts after an organization-defined time period.
CCI Catalog v2022-04-05CCI-000018exactlyDomain Account MonitoringDomain Account MonitoringThe information system automatically audits account creation actions.
CCI Catalog v2022-04-05CCI-000025narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces information flow control using explicit security attributes on information, source, and destination objects as a basis for flow control decisions.
CCI Catalog v2022-04-05CCI-000025narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces information flow control using explicit security attributes on information, source, and destination objects as a basis for flow control decisions.
CCI Catalog v2022-04-05CCI-000027narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces dynamic information flow control based on organization-defined policies.
CCI Catalog v2022-04-05CCI-000027narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces dynamic information flow control based on organization-defined policies.
CCI Catalog v2022-04-05CCI-000029narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces organization-defined limitations on the embedding of data types within other data types.
CCI Catalog v2022-04-05CCI-000029narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces organization-defined limitations on the embedding of data types within other data types.
CCI Catalog v2022-04-05CCI-000030narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces information flow control based on organization-defined metadata.
CCI Catalog v2022-04-05CCI-000030narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces information flow control based on organization-defined metadata.
CCI Catalog v2022-04-05CCI-000032narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows.
CCI Catalog v2022-04-05CCI-000032narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows.
CCI Catalog v2022-04-05CCI-000034broaderInbound Traffic FilteringInbound Traffic FilteringThe information system provides the capability for a privileged administrator to enable/disable organization-defined security policy filters under organization-defined conditions.
CCI Catalog v2022-04-05CCI-000034broaderOutbound Traffic FilteringOutbound Traffic FilteringThe information system provides the capability for a privileged administrator to enable/disable organization-defined security policy filters under organization-defined conditions.
CCI Catalog v2022-04-05CCI-000035broaderInbound Traffic FilteringInbound Traffic FilteringThe information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies.
CCI Catalog v2022-04-05CCI-000035broaderOutbound Traffic FilteringOutbound Traffic FilteringThe information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies.
CCI Catalog v2022-04-05CCI-000037broaderLocal File PermissionsLocal File PermissionsThe organization implements separation of duties through assigned information system access authorizations.
CCI Catalog v2022-04-05CCI-000037broaderUser Account PermissionsUser Account PermissionsThe organization implements separation of duties through assigned information system access authorizations.
CCI Catalog v2022-04-05CCI-000040broaderAuthorization Event ThresholdingAuthorization Event ThresholdingThe organization audits any use of privileged accounts, or roles, with access to organization-defined security functions or security-relevant information, when accessing other system functions.
CCI Catalog v2022-04-05CCI-000040broaderLocal Account MonitoringLocal Account MonitoringThe organization audits any use of privileged accounts, or roles, with access to organization-defined security functions or security-relevant information, when accessing other system functions.
CCI Catalog v2022-04-05CCI-000044narrowerAccount LockingAccount LockingThe information system enforces the organization-defined limit of consecutive invalid logon attempts by a user during the organization-defined time period.
CCI Catalog v2022-04-05CCI-000047narrowerAccount LockingAccount LockingThe information system delays next login prompt according to the organization-defined delay algorithm, when the maximum number of unsuccessful attempts is exceeded, automatically locks the account/node for an organization-defined time period or locks the account/node until released by an Administrator IAW organizational policy.
CCI Catalog v2022-04-05CCI-000056narrowerAccount LockingAccount LockingThe information system retains the session lock until the user reestablishes access using established identification and authentication procedures.
CCI Catalog v2022-04-05CCI-000057narrowerAccount LockingAccount LockingThe information system initiates a session lock after the organization-defined time period of inactivity.
CCI Catalog v2022-04-05CCI-000058narrowerAccount LockingAccount LockingThe information system provides the capability for users to directly initiate session lock mechanisms.
CCI Catalog v2022-04-05CCI-000060narrowerAccount LockingAccount LockingThe information system conceals, via the session lock, information previously visible on the display with a publicly viewable image.
CCI Catalog v2022-04-05CCI-000066broaderRemote Terminal Session DetectionRemote Terminal Session DetectionThe organization enforces requirements for remote connections to the information system.
CCI Catalog v2022-04-05CCI-000067broaderRemote Terminal Session DetectionRemote Terminal Session DetectionThe information system monitors remote access methods.
CCI Catalog v2022-04-05CCI-000068narrowerEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions.
CCI Catalog v2022-04-05CCI-000071narrowerRemote Terminal Session DetectionRemote Terminal Session DetectionThe organization monitors for unauthorized remote connections to the information system on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-000139narrowerSystem Daemon MonitoringSystem Daemon MonitoringThe information system alerts designated organization-defined personnel or roles in the event of an audit processing failure.
CCI Catalog v2022-04-05CCI-000143narrowerSystem Daemon MonitoringSystem Daemon MonitoringThe information system provides a warning when allocated audit record storage volume reaches an organization-defined percentage of maximum audit record storage capacity.
CCI Catalog v2022-04-05CCI-000144narrowerSystem Daemon MonitoringSystem Daemon MonitoringThe information system provides a real-time alert when organization-defined audit failure events occur.
CCI Catalog v2022-04-05CCI-000162narrowerCredential HardeningCredential HardeningThe information system protects audit information from unauthorized access.
CCI Catalog v2022-04-05CCI-000163narrowerPlatform HardeningPlatform HardeningThe information system protects audit information from unauthorized modification.
CCI Catalog v2022-04-05CCI-000163narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system protects audit information from unauthorized modification.
CCI Catalog v2022-04-05CCI-000164narrowerPlatform HardeningPlatform HardeningThe information system protects audit information from unauthorized deletion.
CCI Catalog v2022-04-05CCI-000185narrowerCredential HardeningCredential HardeningThe information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information.
CCI Catalog v2022-04-05CCI-000186narrowerCredential HardeningCredential HardeningThe information system, for PKI-based authentication, enforces authorized access to the corresponding private key.
CCI Catalog v2022-04-05CCI-000187narrowerCredential HardeningCredential HardeningThe information system, for PKI-based authentication, maps the authenticated identity to the account of the individual or group.
CCI Catalog v2022-04-05CCI-000192narrowerStrong Password PolicyStrong Password PolicyThe information system enforces password complexity by the minimum number of upper case characters used.
CCI Catalog v2022-04-05CCI-000193narrowerStrong Password PolicyStrong Password PolicyThe information system enforces password complexity by the minimum number of lower case characters used.
CCI Catalog v2022-04-05CCI-000194narrowerStrong Password PolicyStrong Password PolicyThe information system enforces password complexity by the minimum number of numeric characters used.
CCI Catalog v2022-04-05CCI-000195narrowerStrong Password PolicyStrong Password PolicyThe information system, for password-based authentication, when new passwords are created, enforces that at least an organization-defined number of characters are changed.
CCI Catalog v2022-04-05CCI-000196narrowerStrong Password PolicyStrong Password PolicyThe information system, for password-based authentication, stores only cryptographically-protected passwords.
CCI Catalog v2022-04-05CCI-000197narrowerStrong Password PolicyStrong Password PolicyThe information system, for password-based authentication, transmits only cryptographically-protected passwords.
CCI Catalog v2022-04-05CCI-000198narrowerStrong Password PolicyStrong Password PolicyThe information system enforces minimum password lifetime restrictions.
CCI Catalog v2022-04-05CCI-000199narrowerStrong Password PolicyStrong Password PolicyThe information system enforces maximum password lifetime restrictions.
CCI Catalog v2022-04-05CCI-000200narrowerStrong Password PolicyStrong Password PolicyThe information system prohibits password reuse for the organization-defined number of generations.
CCI Catalog v2022-04-05CCI-000205narrowerStrong Password PolicyStrong Password PolicyThe information system enforces minimum password length.
CCI Catalog v2022-04-05CCI-000213broaderBiometric AuthenticationBiometric AuthenticationThe information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.
CCI Catalog v2022-04-05CCI-000213broaderCertificate-based AuthenticationCertificate-based AuthenticationThe information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.
CCI Catalog v2022-04-05CCI-000213broaderMulti-factor AuthenticationMulti-factor AuthenticationThe information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.
CCI Catalog v2022-04-05CCI-000213broaderUser Account PermissionsUser Account PermissionsThe information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.
CCI Catalog v2022-04-05CCI-000218narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, when transferring information between different security domains, identifies information flows by data type specification and usage.
CCI Catalog v2022-04-05CCI-000218narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, when transferring information between different security domains, identifies information flows by data type specification and usage.
CCI Catalog v2022-04-05CCI-000219narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, when transferring information between different security domains, decomposes information into organization-defined policy-relevant subcomponents for submission to policy enforcement mechanisms.
CCI Catalog v2022-04-05CCI-000219narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, when transferring information between different security domains, decomposes information into organization-defined policy-relevant subcomponents for submission to policy enforcement mechanisms.
CCI Catalog v2022-04-05CCI-000226broaderExecution IsolationExecution IsolationThe information system provides the capability for a privileged administrator to configure organization-defined security policy filters to support different security policies.
CCI Catalog v2022-04-05CCI-000346narrowerLocal File PermissionsLocal File PermissionsThe organization employs automated mechanisms to enforce access restrictions.
CCI Catalog v2022-04-05CCI-000346narrowerUser Account PermissionsUser Account PermissionsThe organization employs automated mechanisms to enforce access restrictions.
CCI Catalog v2022-04-05CCI-000352narrowerExecutable AllowlistingExecutable AllowlistingThe information system prevents the installation of organization-defined critical software programs that are not signed with a certificate that is recognized and approved by the organization.
CCI Catalog v2022-04-05CCI-000352narrowerExecutable DenylistingExecutable DenylistingThe information system prevents the installation of organization-defined critical software programs that are not signed with a certificate that is recognized and approved by the organization.
CCI Catalog v2022-04-05CCI-000374narrowerOperating System MonitoringOperating System MonitoringThe organization employs automated mechanisms to respond to unauthorized changes to organization-defined configuration settings.
CCI Catalog v2022-04-05CCI-000381broaderPlatform HardeningPlatform HardeningThe organization configures the information system to provide only essential capabilities.
CCI Catalog v2022-04-05CCI-000382broaderPlatform HardeningPlatform HardeningThe organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.
CCI Catalog v2022-04-05CCI-000386exactlyExecutable DenylistingExecutable DenylistingThe organization employs automated mechanisms to prevent program execution on the information system in accordance with the organization-defined specifications.
CCI Catalog v2022-04-05CCI-000417broaderExecution IsolationExecution IsolationThe organization disables network access by unauthorized components/devices or notifies designated organizational officials.
CCI Catalog v2022-04-05CCI-000417broaderNetwork IsolationNetwork IsolationThe organization disables network access by unauthorized components/devices or notifies designated organizational officials.
CCI Catalog v2022-04-05CCI-000663broaderExecution IsolationExecution IsolationThe organization (or information system) enforces explicit rules governing the installation of software by users.
CCI Catalog v2022-04-05CCI-000764broaderBiometric AuthenticationBiometric AuthenticationThe information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
CCI Catalog v2022-04-05CCI-000764broaderCertificate-based AuthenticationCertificate-based AuthenticationThe information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
CCI Catalog v2022-04-05CCI-000764broaderMulti-factor AuthenticationMulti-factor AuthenticationThe information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
CCI Catalog v2022-04-05CCI-000764broaderOne-time PasswordOne-time PasswordThe information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
CCI Catalog v2022-04-05CCI-000765narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system implements multifactor authentication for network access to privileged accounts.
CCI Catalog v2022-04-05CCI-000766narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system implements multifactor authentication for network access to non-privileged accounts.
CCI Catalog v2022-04-05CCI-000767narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system implements multifactor authentication for local access to privileged accounts.
CCI Catalog v2022-04-05CCI-000768narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system implements multifactor authentication for local access to non-privileged accounts.
CCI Catalog v2022-04-05CCI-000771narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system uses multifactor authentication for network access to privileged accounts where one of the factors is provided by a device separate from the information system being accessed.
CCI Catalog v2022-04-05CCI-000772narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system uses multifactor authentication for network access to non-privileged accounts where one of the factors is provided by a device separate from the information system being accessed.
CCI Catalog v2022-04-05CCI-000774narrowerOne-time PasswordOne-time PasswordThe information system uses organization-defined replay-resistant authentication mechanisms for network access to privileged accounts.
CCI Catalog v2022-04-05CCI-000776narrowerOne-time PasswordOne-time PasswordThe information system uses organization-defined replay-resistant authentication mechanisms for network access to non-privileged accounts.
CCI Catalog v2022-04-05CCI-000804broaderBiometric AuthenticationBiometric AuthenticationThe information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).
CCI Catalog v2022-04-05CCI-000804broaderCertificate-based AuthenticationCertificate-based AuthenticationThe information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).
CCI Catalog v2022-04-05CCI-000804broaderMulti-factor AuthenticationMulti-factor AuthenticationThe information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).
CCI Catalog v2022-04-05CCI-000804broaderOne-time PasswordOne-time PasswordThe information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users).
CCI Catalog v2022-04-05CCI-000831broaderCredential EvictionCredential EvictionThe organization implements a configurable capability to automatically disable the information system if organization-defined security violations are detected.
CCI Catalog v2022-04-05CCI-000831broaderProcess EvictionProcess EvictionThe organization implements a configurable capability to automatically disable the information system if organization-defined security violations are detected.
CCI Catalog v2022-04-05CCI-000877broaderBiometric AuthenticationBiometric AuthenticationThe organization employs strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions.
CCI Catalog v2022-04-05CCI-000877broaderCertificate-based AuthenticationCertificate-based AuthenticationThe organization employs strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions.
CCI Catalog v2022-04-05CCI-000877broaderMulti-factor AuthenticationMulti-factor AuthenticationThe organization employs strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions.
CCI Catalog v2022-04-05CCI-000880narrowerOperating System MonitoringOperating System MonitoringThe organization audits non-local maintenance and diagnostic sessions.
CCI Catalog v2022-04-05CCI-000884narrowerCredential HardeningCredential HardeningThe organization protects nonlocal maintenance sessions by employing organization-defined authenticators that are replay resistant.
CCI Catalog v2022-04-05CCI-000888narrowerEncrypted TunnelsEncrypted TunnelsThe organization employs cryptographic mechanisms to protect the integrity and confidentiality of non-local maintenance and diagnostic communications.
CCI Catalog v2022-04-05CCI-001009narrowerFile EncryptionFile EncryptionThe information system uses cryptographic mechanisms to protect and restrict access to information on portable digital media.
CCI Catalog v2022-04-05CCI-001019narrowerDisk EncryptionDisk EncryptionThe organization employs cryptographic mechanisms to protect information in storage.
CCI Catalog v2022-04-05CCI-001019narrowerFile EncryptionFile EncryptionThe organization employs cryptographic mechanisms to protect information in storage.
CCI Catalog v2022-04-05CCI-001067narrowerPlatform HardeningPlatform HardeningThe information system implements privileged access authorization to organization-identified information system components for selected organization-defined vulnerability scanning activities.
CCI Catalog v2022-04-05CCI-001069narrowerExecutable AllowlistingExecutable AllowlistingThe organization employs automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization-defined frequency.
CCI Catalog v2022-04-05CCI-001069narrowerExecutable DenylistingExecutable DenylistingThe organization employs automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization-defined frequency.
CCI Catalog v2022-04-05CCI-001082broaderLocal File PermissionsLocal File PermissionsThe information system separates user functionality (including user interface services) from information system management functionality.
CCI Catalog v2022-04-05CCI-001082broaderSystem Configuration PermissionsSystem Configuration PermissionsThe information system separates user functionality (including user interface services) from information system management functionality.
CCI Catalog v2022-04-05CCI-001083narrowerLocal File PermissionsLocal File PermissionsThe information system prevents the presentation of information system management-related functionality at an interface for non-privileged users.
CCI Catalog v2022-04-05CCI-001083narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system prevents the presentation of information system management-related functionality at an interface for non-privileged users.
CCI Catalog v2022-04-05CCI-001084narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system isolates security functions from nonsecurity functions.
CCI Catalog v2022-04-05CCI-001085broaderHardware-based Process IsolationHardware-based Process IsolationThe information system utilizes underlying hardware separation mechanisms to implement security function isolation.
CCI Catalog v2022-04-05CCI-001086narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system isolates security functions enforcing access and information flow control from both nonsecurity functions and from other security functions.
CCI Catalog v2022-04-05CCI-001087narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe organization implements an information system isolation boundary to minimize the number of nonsecurity functions included within the boundary containing security functions.
CCI Catalog v2022-04-05CCI-001089narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe organization implements security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.
CCI Catalog v2022-04-05CCI-001090narrowerNetwork Traffic FilteringNetwork Traffic FilteringThe information system prevents unauthorized and unintended information transfer via shared system resources.
CCI Catalog v2022-04-05CCI-001092narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system protects against or limits the effects of the organization-defined or referenced types of denial of service attacks.
CCI Catalog v2022-04-05CCI-001092narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system protects against or limits the effects of the organization-defined or referenced types of denial of service attacks.
CCI Catalog v2022-04-05CCI-001094narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems.
CCI Catalog v2022-04-05CCI-001094narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems.
CCI Catalog v2022-04-05CCI-001096narrowerLocal File PermissionsLocal File PermissionsThe information system limits the use of resources by priority.
CCI Catalog v2022-04-05CCI-001096narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system limits the use of resources by priority.
CCI Catalog v2022-04-05CCI-001109exactlyInbound Traffic FilteringInbound Traffic FilteringThe information system at managed interfaces denies network communications traffic by default and allows network communications traffic by exception (i.e., deny all, permit by exception).
CCI Catalog v2022-04-05CCI-001109exactlyOutbound Traffic FilteringOutbound Traffic FilteringThe information system at managed interfaces denies network communications traffic by default and allows network communications traffic by exception (i.e., deny all, permit by exception).
CCI Catalog v2022-04-05CCI-001111narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system prevents remote devices that have established a non-remote connection with the system from communicating outside of that communications path with resources in external networks.
CCI Catalog v2022-04-05CCI-001111narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system prevents remote devices that have established a non-remote connection with the system from communicating outside of that communications path with resources in external networks.
CCI Catalog v2022-04-05CCI-001115narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, at managed interfaces, denies network traffic and audits internal users (or malicious code) posing a threat to external information systems.
CCI Catalog v2022-04-05CCI-001115narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, at managed interfaces, denies network traffic and audits internal users (or malicious code) posing a threat to external information systems.
CCI Catalog v2022-04-05CCI-001117narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system checks incoming communications to ensure the communications are coming from an authorized source and routed to an authorized destination.
CCI Catalog v2022-04-05CCI-001117narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system checks incoming communications to ensure the communications are coming from an authorized source and routed to an authorized destination.
CCI Catalog v2022-04-05CCI-001118broaderNetwork IsolationNetwork IsolationThe information system implements host-based boundary protection mechanisms for servers, workstations, and mobile devices.
CCI Catalog v2022-04-05CCI-001124broaderBroadcast Domain IsolationBroadcast Domain IsolationThe information system prevents discovery of specific system components composing a managed interface.
CCI Catalog v2022-04-05CCI-001125narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces adherence to protocol format.
CCI Catalog v2022-04-05CCI-001125narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces adherence to protocol format.
CCI Catalog v2022-04-05CCI-001127broaderEncrypted TunnelsEncrypted TunnelsThe information system protects the integrity of transmitted information.
CCI Catalog v2022-04-05CCI-001128broaderEncrypted TunnelsEncrypted TunnelsThe organization employs cryptographic mechanisms to recognize changes to information during transmission unless otherwise protected by alternative physical measures.
CCI Catalog v2022-04-05CCI-001133narrowerSession Duration AnalysisSession Duration AnalysisThe information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.
CCI Catalog v2022-04-05CCI-001144narrowerDisk EncryptionDisk EncryptionThe information system implements required cryptographic protections using cryptographic modules that comply with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
CCI Catalog v2022-04-05CCI-001144narrowerFile EncryptionFile EncryptionThe information system implements required cryptographic protections using cryptographic modules that comply with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
CCI Catalog v2022-04-05CCI-001145narrowerDisk EncryptionDisk EncryptionThe organization employs, at a minimum, FIPS-validated cryptography to protect unclassified information.
CCI Catalog v2022-04-05CCI-001145narrowerFile EncryptionFile EncryptionThe organization employs, at a minimum, FIPS-validated cryptography to protect unclassified information.
CCI Catalog v2022-04-05CCI-001146narrowerDisk EncryptionDisk EncryptionThe organization employs NSA-approved cryptography to protect classified information.
CCI Catalog v2022-04-05CCI-001146narrowerFile EncryptionFile EncryptionThe organization employs NSA-approved cryptography to protect classified information.
CCI Catalog v2022-04-05CCI-001147narrowerDisk EncryptionDisk EncryptionThe organization employs, at a minimum, FIPS-validated cryptography to protect information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals.
CCI Catalog v2022-04-05CCI-001147narrowerFile EncryptionFile EncryptionThe organization employs, at a minimum, FIPS-validated cryptography to protect information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals.
CCI Catalog v2022-04-05CCI-001150narrowerRemote Terminal Session DetectionRemote Terminal Session DetectionThe information system prohibits remote activation of collaborative computing devices, excluding the organization-defined exceptions where remote activation is to be allowed.
CCI Catalog v2022-04-05CCI-001166broaderDynamic AnalysisDynamic AnalysisThe information system identifies organization-defined unacceptable mobile code.
CCI Catalog v2022-04-05CCI-001166broaderEmulated File AnalysisEmulated File AnalysisThe information system identifies organization-defined unacceptable mobile code.
CCI Catalog v2022-04-05CCI-001166broaderFile Content RulesFile Content RulesThe information system identifies organization-defined unacceptable mobile code.
CCI Catalog v2022-04-05CCI-001169narrowerExecutable DenylistingExecutable DenylistingThe information system prevents the download of organization-defined unacceptable mobile code.
CCI Catalog v2022-04-05CCI-001170narrowerExecutable DenylistingExecutable DenylistingThe information system prevents the automatic execution of mobile code in organization-defined software applications.
CCI Catalog v2022-04-05CCI-001178narrowerDomain Trust PolicyDomain Trust PolicyThe information system provides additional data origin authentication artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.
CCI Catalog v2022-04-05CCI-001185narrowerAuthentication Cache InvalidationAuthentication Cache InvalidationThe information system invalidates session identifiers upon user logout or other session termination.
CCI Catalog v2022-04-05CCI-001199broaderDisk EncryptionDisk EncryptionThe information system protects the confidentiality and/or integrity of organization-defined information at rest.
CCI Catalog v2022-04-05CCI-001199broaderFile Content RulesFile Content RulesThe information system protects the confidentiality and/or integrity of organization-defined information at rest.
CCI Catalog v2022-04-05CCI-001199broaderFile EncryptionFile EncryptionThe information system protects the confidentiality and/or integrity of organization-defined information at rest.
CCI Catalog v2022-04-05CCI-001199broaderFile HashingFile HashingThe information system protects the confidentiality and/or integrity of organization-defined information at rest.
CCI Catalog v2022-04-05CCI-001199broaderLocal File PermissionsLocal File PermissionsThe information system protects the confidentiality and/or integrity of organization-defined information at rest.
CCI Catalog v2022-04-05CCI-001200narrowerDisk EncryptionDisk EncryptionThe organization employs cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.
CCI Catalog v2022-04-05CCI-001200narrowerFile EncryptionFile EncryptionThe organization employs cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.
CCI Catalog v2022-04-05CCI-001210narrowerDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system, at organization-defined information system components, loads and executes the operating environment from hardware-enforced, read-only media.
CCI Catalog v2022-04-05CCI-001211narrowerApplication Configuration HardeningApplication Configuration HardeningThe information system, at organization-defined information system components, loads and executes organization-defined applications from hardware-enforced, read-only media.
CCI Catalog v2022-04-05CCI-001233narrowerSoftware UpdateSoftware UpdateThe organization employs automated mechanisms on an organization-defined frequency to determine the state of information system components with regard to flaw remediation.
CCI Catalog v2022-04-05CCI-001237narrowerSoftware UpdateSoftware UpdateThe organization employs automated patch management tools to facilitate flaw remediation to organization-defined information system components.
CCI Catalog v2022-04-05CCI-001239broaderFile AnalysisFile AnalysisThe organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001239broaderNetwork Traffic AnalysisNetwork Traffic AnalysisThe organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001239broaderPlatform MonitoringPlatform MonitoringThe organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001239broaderProcess AnalysisProcess AnalysisThe organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001242broaderDynamic AnalysisDynamic AnalysisThe organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.
CCI Catalog v2022-04-05CCI-001242broaderEmulated File AnalysisEmulated File AnalysisThe organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.
CCI Catalog v2022-04-05CCI-001242broaderFile Content RulesFile Content RulesThe organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.
CCI Catalog v2022-04-05CCI-001262narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system monitors inbound and outbound communications for unusual or unauthorized activities or conditions.
CCI Catalog v2022-04-05CCI-001262narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system monitors inbound and outbound communications for unusual or unauthorized activities or conditions.
CCI Catalog v2022-04-05CCI-001297broaderDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system detects unauthorized changes to software and information.
CCI Catalog v2022-04-05CCI-001297broaderFile HashingFile HashingThe information system detects unauthorized changes to software and information.
CCI Catalog v2022-04-05CCI-001297broaderPointer AuthenticationPointer AuthenticationThe information system detects unauthorized changes to software and information.
CCI Catalog v2022-04-05CCI-001297broaderTPM Boot IntegrityTPM Boot IntegrityThe information system detects unauthorized changes to software and information.
CCI Catalog v2022-04-05CCI-001305broaderMessage AuthenticationMessage AuthenticationThe organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001305broaderSender MTA Reputation AnalysisSender MTA Reputation AnalysisThe organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001305broaderSender Reputation AnalysisSender Reputation AnalysisThe organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001305broaderTransfer Agent AuthenticationTransfer Agent AuthenticationThe organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001310broaderDatabase Query String AnalysisDatabase Query String AnalysisThe information system checks the validity of organization-defined inputs.
CCI Catalog v2022-04-05CCI-001350narrowerFile EncryptionFile EncryptionThe information system implements cryptographic mechanisms to protect the integrity of audit information.
CCI Catalog v2022-04-05CCI-001356exactlyAuthentication Event ThresholdingAuthentication Event ThresholdingThe organization monitors for atypical usage of information system accounts.
CCI Catalog v2022-04-05CCI-001356exactlyAuthorization Event ThresholdingAuthorization Event ThresholdingThe organization monitors for atypical usage of information system accounts.
CCI Catalog v2022-04-05CCI-001368narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces approved authorizations for controlling the flow of information within the system based on organization-defined information flow control policies.
CCI Catalog v2022-04-05CCI-001368narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces approved authorizations for controlling the flow of information within the system based on organization-defined information flow control policies.
CCI Catalog v2022-04-05CCI-001372narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, when transferring information between different security domains, implements organization-defined security policy filters requiring fully enumerated formats that restrict data structure and content.
CCI Catalog v2022-04-05CCI-001372narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, when transferring information between different security domains, implements organization-defined security policy filters requiring fully enumerated formats that restrict data structure and content.
CCI Catalog v2022-04-05CCI-001373narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, when transferring information between different security domains, examines the information for the presence of organization-defined unsanctioned information.
CCI Catalog v2022-04-05CCI-001373narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, when transferring information between different security domains, examines the information for the presence of organization-defined unsanctioned information.
CCI Catalog v2022-04-05CCI-001374narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, when transferring information between different security domains, prohibits the transfer of organization-defined unsanctioned information in accordance with the organization-defined security policy.
CCI Catalog v2022-04-05CCI-001374narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, when transferring information between different security domains, prohibits the transfer of organization-defined unsanctioned information in accordance with the organization-defined security policy.
CCI Catalog v2022-04-05CCI-001376narrowerDomain Trust PolicyDomain Trust PolicyThe information system uniquely identifies source domains for information transfer.
CCI Catalog v2022-04-05CCI-001377narrowerDomain Trust PolicyDomain Trust PolicyThe information system uniquely authenticates source domains for information transfer.
CCI Catalog v2022-04-05CCI-001399broaderUser Account PermissionsUser Account PermissionsThe information system supports and maintains the binding of organization-defined security attributes to information in storage.
CCI Catalog v2022-04-05CCI-001400broaderUser Account PermissionsUser Account PermissionsThe information system supports and maintains the binding of organization-defined security attributes to information in process.
CCI Catalog v2022-04-05CCI-001401broaderUser Account PermissionsUser Account PermissionsThe information system supports and maintains the binding of organization-defined security attributes to information in transmission.
CCI Catalog v2022-04-05CCI-001403exactlyDomain Account MonitoringDomain Account MonitoringThe information system automatically audits account modification actions.
CCI Catalog v2022-04-05CCI-001404exactlyDomain Account MonitoringDomain Account MonitoringThe information system automatically audits account disabling actions.
CCI Catalog v2022-04-05CCI-001405exactlyDomain Account MonitoringDomain Account MonitoringThe information system automatically audits account removal actions.
CCI Catalog v2022-04-05CCI-001414narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.
CCI Catalog v2022-04-05CCI-001414narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.
CCI Catalog v2022-04-05CCI-001424broaderUser Account PermissionsUser Account PermissionsThe information system dynamically associates security attributes with organization-defined subjects in accordance with organization-defined security policies as information is created and combined.
CCI Catalog v2022-04-05CCI-001425broaderUser Account PermissionsUser Account PermissionsThe information system provides authorized individuals (or processes acting on behalf of individuals) the capability to change the value of associated security attributes.
CCI Catalog v2022-04-05CCI-001426broaderUser Account PermissionsUser Account PermissionsThe information system maintains the binding of security attributes to information with sufficient assurance that the information--attribute association can be used as the basis for automated policy actions.
CCI Catalog v2022-04-05CCI-001427broaderUser Account PermissionsUser Account PermissionsThe information system allows authorized users to associate security attributes with information.
CCI Catalog v2022-04-05CCI-001428broaderUser Account PermissionsUser Account PermissionsThe information system displays security attributes in human-readable form on each object that the system transmits to output devices to identify organization-identified special dissemination, handling, or distribution instructions using organization-identified human-readable, standard naming conventions.
CCI Catalog v2022-04-05CCI-001436narrowerInbound Traffic FilteringInbound Traffic FilteringThe organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.
CCI Catalog v2022-04-05CCI-001436narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.
CCI Catalog v2022-04-05CCI-001452narrowerAccount LockingAccount LockingThe information system enforces the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted.
CCI Catalog v2022-04-05CCI-001453exactlyEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to protect the integrity of remote access sessions.
CCI Catalog v2022-04-05CCI-001454narrowerRemote Terminal Session DetectionRemote Terminal Session DetectionThe organization ensures that remote sessions for accessing an organization-defined list of security functions and security-relevant information are audited.
CCI Catalog v2022-04-05CCI-001494narrowerPlatform HardeningPlatform HardeningThe information system protects audit tools from unauthorized modification.
CCI Catalog v2022-04-05CCI-001494narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system protects audit tools from unauthorized modification.
CCI Catalog v2022-04-05CCI-001495narrowerPlatform HardeningPlatform HardeningThe information system protects audit tools from unauthorized deletion.
CCI Catalog v2022-04-05CCI-001496narrowerFile EncryptionFile EncryptionThe information system implements cryptographic mechanisms to protect the integrity of audit tools.
CCI Catalog v2022-04-05CCI-001499narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe organization limits privileges to change software resident within software libraries.
CCI Catalog v2022-04-05CCI-001499narrowerUser Account PermissionsUser Account PermissionsThe organization limits privileges to change software resident within software libraries.
CCI Catalog v2022-04-05CCI-001555narrowerDomain Trust PolicyDomain Trust PolicyThe information system uniquely identifies destination domains for information transfer.
CCI Catalog v2022-04-05CCI-001556narrowerDomain Trust PolicyDomain Trust PolicyThe information system uniquely authenticates destination domains for information transfer.
CCI Catalog v2022-04-05CCI-001557broaderNetwork Traffic AnalysisNetwork Traffic AnalysisThe information system tracks problems associated with the information transfer.
CCI Catalog v2022-04-05CCI-001574narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system rejects or delays, as defined by the organization, network traffic which exceed the organization-defined thresholds.
CCI Catalog v2022-04-05CCI-001574narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system rejects or delays, as defined by the organization, network traffic which exceed the organization-defined thresholds.
CCI Catalog v2022-04-05CCI-001589narrowerOperating System MonitoringOperating System MonitoringThe organization incorporates detection of unauthorized, security-relevant configuration changes into the organization’s incident response capability to ensure they are tracked.
CCI Catalog v2022-04-05CCI-001619narrowerStrong Password PolicyStrong Password PolicyThe information system enforces password complexity by the minimum number of special characters used.
CCI Catalog v2022-04-05CCI-001632exactlyEncrypted TunnelsEncrypted TunnelsThe organization protects nonlocal maintenance sessions by separating the maintenance session from other network sessions with the information system by either physically separated communications paths or logically separated communications paths based upon encryption.
CCI Catalog v2022-04-05CCI-001662narrowerDynamic AnalysisDynamic AnalysisThe information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified.
CCI Catalog v2022-04-05CCI-001662narrowerEmulated File AnalysisEmulated File AnalysisThe information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified.
CCI Catalog v2022-04-05CCI-001662narrowerFile Content RulesFile Content RulesThe information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified.
CCI Catalog v2022-04-05CCI-001668broaderFile AnalysisFile AnalysisThe organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001668broaderNetwork Traffic AnalysisNetwork Traffic AnalysisThe organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001668broaderPlatform MonitoringPlatform MonitoringThe organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001668broaderProcess AnalysisProcess AnalysisThe organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
CCI Catalog v2022-04-05CCI-001677broaderMessage AuthenticationMessage AuthenticationThe organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001677broaderSender MTA Reputation AnalysisSender MTA Reputation AnalysisThe organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001677broaderSender Reputation AnalysisSender Reputation AnalysisThe organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001677broaderTransfer Agent AuthenticationTransfer Agent AuthenticationThe organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
CCI Catalog v2022-04-05CCI-001682narrowerAccount LockingAccount LockingThe information system automatically removes or disables emergency accounts after an organization-defined time period for each type of account.
CCI Catalog v2022-04-05CCI-001683narrowerDomain Account MonitoringDomain Account MonitoringThe information system notifies organization-defined personnel or roles for account creation actions.
CCI Catalog v2022-04-05CCI-001684narrowerDomain Account MonitoringDomain Account MonitoringThe information system notifies organization-defined personnel or roles for account modification actions.
CCI Catalog v2022-04-05CCI-001685narrowerDomain Account MonitoringDomain Account MonitoringThe information system notifies organization-defined personnel or roles for account disabling actions.
CCI Catalog v2022-04-05CCI-001686narrowerDomain Account MonitoringDomain Account MonitoringThe information system notifies organization-defined personnel or roles for account removal actions.
CCI Catalog v2022-04-05CCI-001695narrowerExecutable DenylistingExecutable DenylistingThe information system prevents the execution of organization-defined unacceptable mobile code.
CCI Catalog v2022-04-05CCI-001744broaderOperating System MonitoringOperating System MonitoringThe information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner.
CCI Catalog v2022-04-05CCI-001749narrowerExecutable AllowlistingExecutable AllowlistingThe information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.
CCI Catalog v2022-04-05CCI-001749narrowerExecutable DenylistingExecutable DenylistingThe information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.
CCI Catalog v2022-04-05CCI-001762narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.
CCI Catalog v2022-04-05CCI-001764broaderExecutable AllowlistingExecutable AllowlistingThe information system prevents program execution in accordance with organization-defined policies regarding software program usage and restrictions, and/or rules authorizing the terms and conditions of software program usage.
CCI Catalog v2022-04-05CCI-001764broaderExecutable DenylistingExecutable DenylistingThe information system prevents program execution in accordance with organization-defined policies regarding software program usage and restrictions, and/or rules authorizing the terms and conditions of software program usage.
CCI Catalog v2022-04-05CCI-001767narrowerExecutable DenylistingExecutable DenylistingThe organization employs an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system.
CCI Catalog v2022-04-05CCI-001774narrowerExecutable AllowlistingExecutable AllowlistingThe organization employs a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the information system.
CCI Catalog v2022-04-05CCI-001811narrowerFile AnalysisFile AnalysisThe information system alerts organization-defined personnel or roles when the unauthorized installation of software is detected.
CCI Catalog v2022-04-05CCI-001812narrowerExecutable AllowlistingExecutable AllowlistingThe information system prohibits user installation of software without explicit privileged status.
CCI Catalog v2022-04-05CCI-001812narrowerExecutable DenylistingExecutable DenylistingThe information system prohibits user installation of software without explicit privileged status.
CCI Catalog v2022-04-05CCI-001813broaderUser Account PermissionsUser Account PermissionsThe information system enforces access restrictions.
CCI Catalog v2022-04-05CCI-001855narrowerSystem Daemon MonitoringSystem Daemon MonitoringThe information system provides a warning to organization-defined personnel, roles, and/or locations within an organization-defined time period when allocated audit record storage volume reaches an organization-defined percentage of repository maximum audit record storage capacity.
CCI Catalog v2022-04-05CCI-001858narrowerSystem Daemon MonitoringSystem Daemon MonitoringThe information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.
CCI Catalog v2022-04-05CCI-001936narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe information system implements multifactor authentication for network access to privileged accounts such that one of the factors is provided by a device separate from the system gaining access.
CCI Catalog v2022-04-05CCI-001937narrowerMulti-factor AuthenticationMulti-factor AuthenticationThe device used in the information system implementation of multifactor authentication for network access to privileged accounts meets organization-defined strength of mechanism requirements.
CCI Catalog v2022-04-05CCI-001941narrowerOne-time PasswordOne-time PasswordThe information system implements replay-resistant authentication mechanisms for network access to privileged accounts.
CCI Catalog v2022-04-05CCI-001953broaderBiometric AuthenticationBiometric AuthenticationThe information system accepts Personal Identity Verification (PIV) credentials.
CCI Catalog v2022-04-05CCI-001953broaderCertificate-based AuthenticationCertificate-based AuthenticationThe information system accepts Personal Identity Verification (PIV) credentials.
CCI Catalog v2022-04-05CCI-001954narrowerBiometric AuthenticationBiometric AuthenticationThe information system electronically verifies Personal Identity Verification (PIV) credentials.
CCI Catalog v2022-04-05CCI-001954narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system electronically verifies Personal Identity Verification (PIV) credentials.
CCI Catalog v2022-04-05CCI-001957broaderOne-time PasswordOne-time PasswordThe information system implements organization-defined out-of-band authentication under organization-defined conditions.
CCI Catalog v2022-04-05CCI-001991narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system, for PKI-based authentication, implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network.
CCI Catalog v2022-04-05CCI-002005narrowerBiometric AuthenticationBiometric AuthenticationThe information system, for biometric-based authentication, employs mechanisms that satisfy organization-defined biometric quality requirements.
CCI Catalog v2022-04-05CCI-002009narrowerBiometric AuthenticationBiometric AuthenticationThe information system accepts Personal Identity Verification (PIV) credentials from other federal agencies.
CCI Catalog v2022-04-05CCI-002009narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system accepts Personal Identity Verification (PIV) credentials from other federal agencies.
CCI Catalog v2022-04-05CCI-002010narrowerBiometric AuthenticationBiometric AuthenticationThe information system electronically verifies Personal Identity Verification (PIV) credentials from other federal agencies.
CCI Catalog v2022-04-05CCI-002010narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system electronically verifies Personal Identity Verification (PIV) credentials from other federal agencies.
CCI Catalog v2022-04-05CCI-002015narrowerBiometric AuthenticationBiometric AuthenticationThe information system accepts Personal Identity Verification-I (PIV-I) credentials.
CCI Catalog v2022-04-05CCI-002015narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system accepts Personal Identity Verification-I (PIV-I) credentials.
CCI Catalog v2022-04-05CCI-002016narrowerBiometric AuthenticationBiometric AuthenticationThe information system electronically verifies Personal Identity Verification-I (PIV-I) credentials.
CCI Catalog v2022-04-05CCI-002016narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system electronically verifies Personal Identity Verification-I (PIV-I) credentials.
CCI Catalog v2022-04-05CCI-002041narrowerStrong Password PolicyStrong Password PolicyThe information system allows the use of a temporary password for system logons with an immediate change to a permanent password.
CCI Catalog v2022-04-05CCI-002145narrowerUser Account PermissionsUser Account PermissionsThe information system enforces organization-defined circumstances and/or usage conditions for organization-defined information system accounts.
CCI Catalog v2022-04-05CCI-002178narrowerSystem Call FilteringSystem Call FilteringThe information system enforces the revocation of access authorizations resulting from changes to the security attributes of subjects based on organization-defined rules governing the timing of revocations of access authorizations.
CCI Catalog v2022-04-05CCI-002179narrowerSystem Call FilteringSystem Call FilteringThe information system enforces the revocation of access authorizations resulting from changes to the security attributes of objects based on organization-defined rules governing the timing of revocations of access authorizations.
CCI Catalog v2022-04-05CCI-002201narrowerDomain Trust PolicyDomain Trust PolicyThe information system, when transferring information between different security domains, uses organization-defined data type identifiers to validate data essential for information flow decisions.
CCI Catalog v2022-04-05CCI-002205narrowerDomain Trust PolicyDomain Trust PolicyThe information system uniquely identifies and authenticates source by organization, system, application, and/or individual for information transfer.
CCI Catalog v2022-04-05CCI-002207narrowerDomain Trust PolicyDomain Trust PolicyThe information system uniquely identifies and authenticates destination by organization, system, application, and/or individual for information transfer.
CCI Catalog v2022-04-05CCI-002211narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, when transferring information between different security domains, applies the same security policy filtering to metadata as it applies to data payloads.
CCI Catalog v2022-04-05CCI-002211narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, when transferring information between different security domains, applies the same security policy filtering to metadata as it applies to data payloads.
CCI Catalog v2022-04-05CCI-002218narrowerDomain Trust PolicyDomain Trust PolicyThe information system provides access from a single device to computing platforms, applications, or data residing on multiple different security domains, while preventing any information flow between the different security domains.
CCI Catalog v2022-04-05CCI-002233narrowerExecutable DenylistingExecutable DenylistingThe information system prevents organization-defined software from executing at higher privilege levels than users executing the software.
CCI Catalog v2022-04-05CCI-002235narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
CCI Catalog v2022-04-05CCI-002238narrowerAccount LockingAccount LockingThe information system automatically locks the account or node for either an organization-defined time period, until the locked account or node is released by an administrator, or delays the next logon prompt according to the organization-defined delay algorithm when the maximum number of unsuccessful logon attempts is exceeded.
CCI Catalog v2022-04-05CCI-002262broaderUser Account PermissionsUser Account PermissionsThe organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in storage.
CCI Catalog v2022-04-05CCI-002263broaderUser Account PermissionsUser Account PermissionsThe organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in process.
CCI Catalog v2022-04-05CCI-002264broaderUser Account PermissionsUser Account PermissionsThe organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.
CCI Catalog v2022-04-05CCI-002272broaderUser Account PermissionsUser Account PermissionsThe information system dynamically associates security attributes with organization-defined objects in accordance with organization-defined security policies as information is created and combined.
CCI Catalog v2022-04-05CCI-002277broaderUser Account PermissionsUser Account PermissionsThe information system provides authorized individuals (or processes acting on behalf of individuals) the capability to define the value of associated security attributes.
CCI Catalog v2022-04-05CCI-002281broaderUser Account PermissionsUser Account PermissionsThe information system maintains the association of organization-defined security attributes to organization-defined subjects.
CCI Catalog v2022-04-05CCI-002282broaderUser Account PermissionsUser Account PermissionsThe information system maintains the association of organization-defined security attributes to organization-defined objects.
CCI Catalog v2022-04-05CCI-002283broaderUser Account PermissionsUser Account PermissionsThe information system maintains the integrity of organization-defined security attributes associated with organization-defined subjects.
CCI Catalog v2022-04-05CCI-002284broaderUser Account PermissionsUser Account PermissionsThe information system maintains the integrity of organization-defined security attributes associated with organization-defined objects.
CCI Catalog v2022-04-05CCI-002289broaderUser Account PermissionsUser Account PermissionsThe information system supports the association of organization-defined security attributes with organization-defined subjects by authorized individuals (or processes acting on behalf of individuals).
CCI Catalog v2022-04-05CCI-002290broaderUser Account PermissionsUser Account PermissionsThe information system supports the association of organization-defined security attributes with organization-defined objects by authorized individuals (or processes acting on behalf of individuals).
CCI Catalog v2022-04-05CCI-002302broaderUser Account PermissionsUser Account PermissionsThe information system implements organization-defined techniques or technologies with an organization-defined level of assurance in associating security attributes to information.
CCI Catalog v2022-04-05CCI-002306broaderSystem Configuration PermissionsSystem Configuration PermissionsThe information system provides authorized individuals the capability to define or change the type of security attributes available for association with subjects.
CCI Catalog v2022-04-05CCI-002306broaderUser Account PermissionsUser Account PermissionsThe information system provides authorized individuals the capability to define or change the type of security attributes available for association with subjects.
CCI Catalog v2022-04-05CCI-002307broaderSystem Configuration PermissionsSystem Configuration PermissionsThe information system provides authorized individuals the capability to define or change the value of security attributes available for association with subjects.
CCI Catalog v2022-04-05CCI-002307broaderUser Account PermissionsUser Account PermissionsThe information system provides authorized individuals the capability to define or change the value of security attributes available for association with subjects.
CCI Catalog v2022-04-05CCI-002308broaderSystem Configuration PermissionsSystem Configuration PermissionsThe information system provides authorized individuals the capability to define or change the type of security attributes available for association with objects.
CCI Catalog v2022-04-05CCI-002308broaderUser Account PermissionsUser Account PermissionsThe information system provides authorized individuals the capability to define or change the type of security attributes available for association with objects.
CCI Catalog v2022-04-05CCI-002309broaderSystem Configuration PermissionsSystem Configuration PermissionsThe information system provides authorized individuals the capability to define or change the value of security attributes available for association with objects.
CCI Catalog v2022-04-05CCI-002309broaderUser Account PermissionsUser Account PermissionsThe information system provides authorized individuals the capability to define or change the value of security attributes available for association with objects.
CCI Catalog v2022-04-05CCI-002322narrowerRemote Terminal Session DetectionRemote Terminal Session DetectionThe organization provides the capability to expeditiously disconnect or disable remote access to the information system within the organization-defined time period.
CCI Catalog v2022-04-05CCI-002346broaderDatabase Query String AnalysisDatabase Query String AnalysisThe organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.
CCI Catalog v2022-04-05CCI-002346broaderDisk EncryptionDisk EncryptionThe organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.
CCI Catalog v2022-04-05CCI-002346broaderFile EncryptionFile EncryptionThe organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining.
CCI Catalog v2022-04-05CCI-002347broaderFile Access Pattern AnalysisFile Access Pattern AnalysisThe organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.
CCI Catalog v2022-04-05CCI-002347broaderInput Device AnalysisInput Device AnalysisThe organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.
CCI Catalog v2022-04-05CCI-002347broaderResource Access Pattern AnalysisResource Access Pattern AnalysisThe organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.
CCI Catalog v2022-04-05CCI-002347broaderUser Data Transfer AnalysisUser Data Transfer AnalysisThe organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts.
CCI Catalog v2022-04-05CCI-002353broaderUser Account PermissionsUser Account PermissionsThe information system transmits organization-defined access authorization information using organization-defined security safeguards to organization-defined information systems which enforce access control decisions.
CCI Catalog v2022-04-05CCI-002355broaderUser Account PermissionsUser Account PermissionsThe information system enforces access control decisions based on organization-defined security attributes that do not include the identity of the user or process acting on behalf of the user.
CCI Catalog v2022-04-05CCI-002357narrowerUser Account PermissionsUser Account PermissionsThe information system implements a reference monitor for organization-defined access control policies that is tamperproof.
CCI Catalog v2022-04-05CCI-002358narrowerUser Account PermissionsUser Account PermissionsThe information system implements a reference monitor for organization-defined access control policies that is always invoked.
CCI Catalog v2022-04-05CCI-002359narrowerUser Account PermissionsUser Account PermissionsThe information system implements a reference monitor for organization-defined access control policies that is small enough to be subject to analysis and testing, the completeness of which can be assured.
CCI Catalog v2022-04-05CCI-002361narrowerProcess TerminationProcess TerminationThe information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.
CCI Catalog v2022-04-05CCI-002363narrowerProcess TerminationProcess TerminationThe information system provides a logout capability for user-initiated communications sessions whenever authentication is used to gain access to organization-defined information resources.
CCI Catalog v2022-04-05CCI-002364narrowerProcess TerminationProcess TerminationThe information system displays an explicit logout message to users indicating the reliable termination of authenticated communications sessions.
CCI Catalog v2022-04-05CCI-002381broaderHardware-based Process IsolationHardware-based Process IsolationThe organization minimizes the number of nonsecurity functions included within the isolation boundary containing security functions.
CCI Catalog v2022-04-05CCI-002381broaderKernel-based Process IsolationKernel-based Process IsolationThe organization minimizes the number of nonsecurity functions included within the isolation boundary containing security functions.
CCI Catalog v2022-04-05CCI-002382broaderHardware-based Process IsolationHardware-based Process IsolationThe organization implements security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.
CCI Catalog v2022-04-05CCI-002382broaderKernel-based Process IsolationKernel-based Process IsolationThe organization implements security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.
CCI Catalog v2022-04-05CCI-002384narrowerNetwork Traffic FilteringNetwork Traffic FilteringThe information system prevents unauthorized information transfer via shared resources in accordance with organization-defined procedures when system processing explicitly switches between different information classification levels or security categories.
CCI Catalog v2022-04-05CCI-002385narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.
CCI Catalog v2022-04-05CCI-002385narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.
CCI Catalog v2022-04-05CCI-002394narrowerSystem Configuration PermissionsSystem Configuration PermissionsThe information system protects the availability of resources by allocating organization-defined resources based on priority, quota, and/or organization-defined security safeguards.
CCI Catalog v2022-04-05CCI-002397narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system, in conjunction with a remote device, prevents the device from simultaneously establishing non-remote connections with the system and communicating via some other connection to resources in external networks.
CCI Catalog v2022-04-05CCI-002397narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system, in conjunction with a remote device, prevents the device from simultaneously establishing non-remote connections with the system and communicating via some other connection to resources in external networks.
CCI Catalog v2022-04-05CCI-002400narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system audits the identity of internal users associated with denied outgoing communications traffic posing a threat to external information systems.
CCI Catalog v2022-04-05CCI-002403narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.
CCI Catalog v2022-04-05CCI-002403narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.
CCI Catalog v2022-04-05CCI-002409narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system blocks both inbound and outbound communications traffic between organization-defined communication clients that are independently configured by end users and external service providers.
CCI Catalog v2022-04-05CCI-002409narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system blocks both inbound and outbound communications traffic between organization-defined communication clients that are independently configured by end users and external service providers.
CCI Catalog v2022-04-05CCI-002411broaderHardware-based Process IsolationHardware-based Process IsolationThe information system provides the capability to dynamically isolate/segregate organization-defined information system components from other components of the system.
CCI Catalog v2022-04-05CCI-002411broaderIO Port RestrictionIO Port RestrictionThe information system provides the capability to dynamically isolate/segregate organization-defined information system components from other components of the system.
CCI Catalog v2022-04-05CCI-002411broaderKernel-based Process IsolationKernel-based Process IsolationThe information system provides the capability to dynamically isolate/segregate organization-defined information system components from other components of the system.
CCI Catalog v2022-04-05CCI-002420narrowerEncrypted TunnelsEncrypted TunnelsThe information system maintains the confidentiality and/or integrity of information during preparation for transmission.
CCI Catalog v2022-04-05CCI-002421broaderEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.
CCI Catalog v2022-04-05CCI-002422narrowerEncrypted TunnelsEncrypted TunnelsThe information system maintains the confidentiality and/or integrity of information during reception.
CCI Catalog v2022-04-05CCI-002423narrowerEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to protect message externals (e.g., message headers and routing information) unless otherwise protected by organization-defined alternative physical safeguards.
CCI Catalog v2022-04-05CCI-002425narrowerEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to conceal or randomize communication patterns unless otherwise protected by organization-defined alternative physical safeguards.
CCI Catalog v2022-04-05CCI-002426broaderEncrypted TunnelsEncrypted TunnelsThe information system provides a trusted communications path that is logically isolated and distinguishable from other paths.
CCI Catalog v2022-04-05CCI-002460narrowerExecutable DenylistingExecutable DenylistingThe information system enforces organization-defined actions prior to executing mobile code.
CCI Catalog v2022-04-05CCI-002462narrowerDomain Trust PolicyDomain Trust PolicyThe information system provides additional data integrity verification artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.
CCI Catalog v2022-04-05CCI-002463narrowerDomain Trust PolicyDomain Trust PolicyThe information system provides data origin artifacts for internal name/address resolution queries.
CCI Catalog v2022-04-05CCI-002464narrowerDomain Trust PolicyDomain Trust PolicyThe information system provides data integrity protection artifacts for internal name/address resolution queries.
CCI Catalog v2022-04-05CCI-002465narrowerDomain Trust PolicyDomain Trust PolicyThe information system requests data origin authentication verification on the name/address resolution responses the system receives from authoritative sources.
CCI Catalog v2022-04-05CCI-002466narrowerDomain Trust PolicyDomain Trust PolicyThe information system requests data integrity verification on the name/address resolution responses the system receives from authoritative sources.
CCI Catalog v2022-04-05CCI-002467narrowerDNS Traffic AnalysisDNS Traffic AnalysisThe information system performs data integrity verification on the name/address resolution responses the system receives from authoritative sources.
CCI Catalog v2022-04-05CCI-002468narrowerDNS Traffic AnalysisDNS Traffic AnalysisThe information system performs data origin verification authentication on the name/address resolution responses the system receives from authoritative sources.
CCI Catalog v2022-04-05CCI-002470narrowerCertificate PinningCertificate PinningThe information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions.
CCI Catalog v2022-04-05CCI-002470narrowerCertificate-based AuthenticationCertificate-based AuthenticationThe information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions.
CCI Catalog v2022-04-05CCI-002475narrowerDisk EncryptionDisk EncryptionThe information system implements cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest on organization-defined information system components.
CCI Catalog v2022-04-05CCI-002475narrowerFile EncryptionFile EncryptionThe information system implements cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest on organization-defined information system components.
CCI Catalog v2022-04-05CCI-002476narrowerDisk EncryptionDisk EncryptionThe information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.
CCI Catalog v2022-04-05CCI-002476narrowerFile EncryptionFile EncryptionThe information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.
CCI Catalog v2022-04-05CCI-002530broaderHardware-based Process IsolationHardware-based Process IsolationThe information system maintains a separate execution domain for each executing process.
CCI Catalog v2022-04-05CCI-002530broaderKernel-based Process IsolationKernel-based Process IsolationThe information system maintains a separate execution domain for each executing process.
CCI Catalog v2022-04-05CCI-002531broaderHardware-based Process IsolationHardware-based Process IsolationThe information system implements underlying hardware separation mechanisms to facilitate process separation.
CCI Catalog v2022-04-05CCI-002533narrowerKernel-based Process IsolationKernel-based Process IsolationThe information system maintains a separate execution domain for each thread in organization-defined multi-threaded processing.
CCI Catalog v2022-04-05CCI-002536broaderRF ShieldingRF ShieldingThe information system protects organization-defined external and internal wireless links from organization-defined types of signal parameter attacks or references to sources for such attacks.
CCI Catalog v2022-04-05CCI-002546broaderIO Port RestrictionIO Port RestrictionThe organization physically disables or removes organization-defined connection ports or input/output devices on organization-defined information systems or information system components.
CCI Catalog v2022-04-05CCI-002605narrowerSoftware UpdateSoftware UpdateThe organization installs security-relevant software updates within an organization-defined time period of the release of the updates.
CCI Catalog v2022-04-05CCI-002607narrowerSoftware UpdateSoftware UpdateThe organization installs security-relevant firmware updates within an organization-defined time period of the release of the updates.
CCI Catalog v2022-04-05CCI-002613narrowerSoftware UpdateSoftware UpdateThe organization installs organization-defined security-relevant software updates automatically to organization-defined information system components.
CCI Catalog v2022-04-05CCI-002614narrowerSoftware UpdateSoftware UpdateThe organization installs organization-defined security-relevant firmware updates automatically to organization-defined information system components.
CCI Catalog v2022-04-05CCI-002617narrowerSoftware UpdateSoftware UpdateThe organization removes organization-defined software components (e.g., previous versions) after updated versions have been installed.
CCI Catalog v2022-04-05CCI-002618narrowerSoftware UpdateSoftware UpdateThe organization removes organization-defined firmware components (e.g., previous versions) after updated versions have been installed.
CCI Catalog v2022-04-05CCI-002630broaderScript Execution AnalysisScript Execution AnalysisThe information system detects organization-defined unauthorized operating system commands through the kernel application programming interface at organization-defined information system hardware components.
CCI Catalog v2022-04-05CCI-002631narrowerScript Execution AnalysisScript Execution AnalysisThe information system issues a warning, audits the command execution, or prevents the execution of the command when organization-defined unauthorized operating system commands are detected.
CCI Catalog v2022-04-05CCI-002661narrowerInbound Traffic FilteringInbound Traffic FilteringThe information system monitors inbound communications traffic per organization-defined frequency for unusual or unauthorized activities or conditions.
CCI Catalog v2022-04-05CCI-002662narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system monitors outbound communications traffic per organization-defined frequency for unusual or unauthorized activities or conditions.
CCI Catalog v2022-04-05CCI-002684broaderNetwork Traffic AnalysisNetwork Traffic AnalysisThe information system audits and/or alerts organization-defined personnel when unauthorized network services are detected.
CCI Catalog v2022-04-05CCI-002684broaderPlatform MonitoringPlatform MonitoringThe information system audits and/or alerts organization-defined personnel when unauthorized network services are detected.
CCI Catalog v2022-04-05CCI-002688broaderFile Content RulesFile Content RulesThe information system discovers indicators of compromise.
CCI Catalog v2022-04-05CCI-002689broaderFile Content RulesFile Content RulesThe information system collects indicators of compromise.
CCI Catalog v2022-04-05CCI-002690broaderFile Content RulesFile Content RulesThe information system distributes indicators of compromise.
CCI Catalog v2022-04-05CCI-002691broaderFile Content RulesFile Content RulesThe information system uses indicators of compromise.
CCI Catalog v2022-04-05CCI-002710broaderDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002710broaderFile HashingFile HashingThe information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002710broaderPointer AuthenticationPointer AuthenticationThe information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002710broaderTPM Boot IntegrityTPM Boot IntegrityThe information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002711broaderTPM Boot IntegrityTPM Boot IntegrityThe information system performs an integrity check of organization-defined firmware at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002712broaderDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002712broaderFile HashingFile HashingThe information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002712broaderPointer AuthenticationPointer AuthenticationThe information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002712broaderTPM Boot IntegrityTPM Boot IntegrityThe information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency.
CCI Catalog v2022-04-05CCI-002715narrowerDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered.
CCI Catalog v2022-04-05CCI-002715narrowerFile HashingFile HashingThe information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered.
CCI Catalog v2022-04-05CCI-002715narrowerPointer AuthenticationPointer AuthenticationThe information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered.
CCI Catalog v2022-04-05CCI-002715narrowerTPM Boot IntegrityTPM Boot IntegrityThe information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered.
CCI Catalog v2022-04-05CCI-002716broaderFile HashingFile HashingThe information system implements cryptographic mechanisms to detect unauthorized changes to software.
CCI Catalog v2022-04-05CCI-002717broaderFile HashingFile HashingThe information system implements cryptographic mechanisms to detect unauthorized changes to firmware.
CCI Catalog v2022-04-05CCI-002718broaderFile HashingFile HashingThe information system implements cryptographic mechanisms to detect unauthorized changes to information.
CCI Catalog v2022-04-05CCI-002723narrowerDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system, upon detection of a potential integrity violation, provides the capability to audit the event.
CCI Catalog v2022-04-05CCI-002723narrowerFile HashingFile HashingThe information system, upon detection of a potential integrity violation, provides the capability to audit the event.
CCI Catalog v2022-04-05CCI-002723narrowerPointer AuthenticationPointer AuthenticationThe information system, upon detection of a potential integrity violation, provides the capability to audit the event.
CCI Catalog v2022-04-05CCI-002723narrowerTPM Boot IntegrityTPM Boot IntegrityThe information system, upon detection of a potential integrity violation, provides the capability to audit the event.
CCI Catalog v2022-04-05CCI-002724narrowerDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions.
CCI Catalog v2022-04-05CCI-002724narrowerFile HashingFile HashingThe information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions.
CCI Catalog v2022-04-05CCI-002724narrowerPointer AuthenticationPointer AuthenticationThe information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions.
CCI Catalog v2022-04-05CCI-002724narrowerTPM Boot IntegrityTPM Boot IntegrityThe information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions.
CCI Catalog v2022-04-05CCI-002726broaderDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system verifies the integrity of the boot process of organization-defined devices.
CCI Catalog v2022-04-05CCI-002726broaderTPM Boot IntegrityTPM Boot IntegrityThe information system verifies the integrity of the boot process of organization-defined devices.
CCI Catalog v2022-04-05CCI-002729broaderDriver Load Integrity CheckingDriver Load Integrity CheckingThe information system implements organization-defined security safeguards to protect the integrity of boot firmware in organization-defined devices.
CCI Catalog v2022-04-05CCI-002729broaderTPM Boot IntegrityTPM Boot IntegrityThe information system implements organization-defined security safeguards to protect the integrity of boot firmware in organization-defined devices.
CCI Catalog v2022-04-05CCI-002740narrowerExecutable AllowlistingExecutable AllowlistingThe information system implements cryptographic mechanisms to authenticate organization-defined software or firmware components prior to installation.
CCI Catalog v2022-04-05CCI-002743broaderSender MTA Reputation AnalysisSender MTA Reputation AnalysisThe information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.
CCI Catalog v2022-04-05CCI-002743broaderSender Reputation AnalysisSender Reputation AnalysisThe information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.
CCI Catalog v2022-04-05CCI-002746narrowerDatabase Query String AnalysisDatabase Query String AnalysisThe information system provides a manual override capability for input validation of organization-defined inputs.
CCI Catalog v2022-04-05CCI-002748narrowerDatabase Query String AnalysisDatabase Query String AnalysisThe information system restricts the use of the manual override capability to only organization-defined authorized individuals.
CCI Catalog v2022-04-05CCI-002749narrowerDatabase Query String AnalysisDatabase Query String AnalysisThe information system audits the use of the manual override capability.
CCI Catalog v2022-04-05CCI-002771narrowerOutbound Traffic FilteringOutbound Traffic FilteringThe information system validates information output from organization-defined software programs and/or applications to ensure that the information is consistent with the expected content.
CCI Catalog v2022-04-05CCI-002824broaderDead Code EliminationDead Code EliminationThe information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.
CCI Catalog v2022-04-05CCI-002824broaderProcess Segment Execution PreventionProcess Segment Execution PreventionThe information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.
CCI Catalog v2022-04-05CCI-002824broaderSegment Address Offset RandomizationSegment Address Offset RandomizationThe information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.
CCI Catalog v2022-04-05CCI-002824broaderStack Frame Canary ValidationStack Frame Canary ValidationThe information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.
CCI Catalog v2022-04-05CCI-002883narrowerUser Account PermissionsUser Account PermissionsThe information system restricts the use of maintenance tools to authorized personnel only.
CCI Catalog v2022-04-05CCI-002890narrowerEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.
CCI Catalog v2022-04-05CCI-002891narrowerRemote Terminal Session DetectionRemote Terminal Session DetectionThe information system implements remote disconnect verification at the termination of nonlocal maintenance and diagnostic sessions.
CCI Catalog v2022-04-05CCI-003123narrowerEncrypted TunnelsEncrypted TunnelsThe information system implements cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications.