Semantic D3FEND Mappings to DISA Common Control Index (CCI)
The D3FEND team created this mapping in order to help users navigate between the two data sets.
Catalog | Control | Relation | Defensive Technique | Technique | CCI Definition |
---|---|---|---|---|---|
CCI Catalog v2022-04-05 | CCI-000015 | broader | Account Locking | Account Locking | The organization employs automated mechanisms to support the information system account management functions. |
CCI Catalog v2022-04-05 | CCI-000015 | broader | Domain Account Monitoring | Domain Account Monitoring | The organization employs automated mechanisms to support the information system account management functions. |
CCI Catalog v2022-04-05 | CCI-000015 | broader | Local Account Monitoring | Local Account Monitoring | The organization employs automated mechanisms to support the information system account management functions. |
CCI Catalog v2022-04-05 | CCI-000016 | narrower | Account Locking | Account Locking | The information system automatically removes or disables temporary accounts after an organization-defined time period for each type of account. |
CCI Catalog v2022-04-05 | CCI-000017 | narrower | Account Locking | Account Locking | The information system automatically disables inactive accounts after an organization-defined time period. |
CCI Catalog v2022-04-05 | CCI-000018 | exactly | Domain Account Monitoring | Domain Account Monitoring | The information system automatically audits account creation actions. |
CCI Catalog v2022-04-05 | CCI-000025 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces information flow control using explicit security attributes on information, source, and destination objects as a basis for flow control decisions. |
CCI Catalog v2022-04-05 | CCI-000025 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces information flow control using explicit security attributes on information, source, and destination objects as a basis for flow control decisions. |
CCI Catalog v2022-04-05 | CCI-000027 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces dynamic information flow control based on organization-defined policies. |
CCI Catalog v2022-04-05 | CCI-000027 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces dynamic information flow control based on organization-defined policies. |
CCI Catalog v2022-04-05 | CCI-000029 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces organization-defined limitations on the embedding of data types within other data types. |
CCI Catalog v2022-04-05 | CCI-000029 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces organization-defined limitations on the embedding of data types within other data types. |
CCI Catalog v2022-04-05 | CCI-000030 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces information flow control based on organization-defined metadata. |
CCI Catalog v2022-04-05 | CCI-000030 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces information flow control based on organization-defined metadata. |
CCI Catalog v2022-04-05 | CCI-000032 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
CCI Catalog v2022-04-05 | CCI-000032 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
CCI Catalog v2022-04-05 | CCI-000034 | broader | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system provides the capability for a privileged administrator to enable/disable organization-defined security policy filters under organization-defined conditions. |
CCI Catalog v2022-04-05 | CCI-000034 | broader | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system provides the capability for a privileged administrator to enable/disable organization-defined security policy filters under organization-defined conditions. |
CCI Catalog v2022-04-05 | CCI-000035 | broader | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies. |
CCI Catalog v2022-04-05 | CCI-000035 | broader | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies. |
CCI Catalog v2022-04-05 | CCI-000037 | broader | Local File Permissions | Local File Permissions | The organization implements separation of duties through assigned information system access authorizations. |
CCI Catalog v2022-04-05 | CCI-000037 | broader | User Account Permissions | User Account Permissions | The organization implements separation of duties through assigned information system access authorizations. |
CCI Catalog v2022-04-05 | CCI-000040 | broader | Authorization Event Thresholding | Authorization Event Thresholding | The organization audits any use of privileged accounts, or roles, with access to organization-defined security functions or security-relevant information, when accessing other system functions. |
CCI Catalog v2022-04-05 | CCI-000040 | broader | Local Account Monitoring | Local Account Monitoring | The organization audits any use of privileged accounts, or roles, with access to organization-defined security functions or security-relevant information, when accessing other system functions. |
CCI Catalog v2022-04-05 | CCI-000044 | narrower | Account Locking | Account Locking | The information system enforces the organization-defined limit of consecutive invalid logon attempts by a user during the organization-defined time period. |
CCI Catalog v2022-04-05 | CCI-000047 | narrower | Account Locking | Account Locking | The information system delays next login prompt according to the organization-defined delay algorithm, when the maximum number of unsuccessful attempts is exceeded, automatically locks the account/node for an organization-defined time period or locks the account/node until released by an Administrator IAW organizational policy. |
CCI Catalog v2022-04-05 | CCI-000056 | narrower | Account Locking | Account Locking | The information system retains the session lock until the user reestablishes access using established identification and authentication procedures. |
CCI Catalog v2022-04-05 | CCI-000057 | narrower | Account Locking | Account Locking | The information system initiates a session lock after the organization-defined time period of inactivity. |
CCI Catalog v2022-04-05 | CCI-000058 | narrower | Account Locking | Account Locking | The information system provides the capability for users to directly initiate session lock mechanisms. |
CCI Catalog v2022-04-05 | CCI-000060 | narrower | Account Locking | Account Locking | The information system conceals, via the session lock, information previously visible on the display with a publicly viewable image. |
CCI Catalog v2022-04-05 | CCI-000066 | broader | Remote Terminal Session Detection | Remote Terminal Session Detection | The organization enforces requirements for remote connections to the information system. |
CCI Catalog v2022-04-05 | CCI-000067 | broader | Remote Terminal Session Detection | Remote Terminal Session Detection | The information system monitors remote access methods. |
CCI Catalog v2022-04-05 | CCI-000068 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions. |
CCI Catalog v2022-04-05 | CCI-000071 | narrower | Remote Terminal Session Detection | Remote Terminal Session Detection | The organization monitors for unauthorized remote connections to the information system on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-000139 | narrower | System Daemon Monitoring | System Daemon Monitoring | The information system alerts designated organization-defined personnel or roles in the event of an audit processing failure. |
CCI Catalog v2022-04-05 | CCI-000143 | narrower | System Daemon Monitoring | System Daemon Monitoring | The information system provides a warning when allocated audit record storage volume reaches an organization-defined percentage of maximum audit record storage capacity. |
CCI Catalog v2022-04-05 | CCI-000144 | narrower | System Daemon Monitoring | System Daemon Monitoring | The information system provides a real-time alert when organization-defined audit failure events occur. |
CCI Catalog v2022-04-05 | CCI-000162 | narrower | Credential Hardening | Credential Hardening | The information system protects audit information from unauthorized access. |
CCI Catalog v2022-04-05 | CCI-000163 | narrower | Platform Hardening | Platform Hardening | The information system protects audit information from unauthorized modification. |
CCI Catalog v2022-04-05 | CCI-000163 | narrower | System Configuration Permissions | System Configuration Permissions | The information system protects audit information from unauthorized modification. |
CCI Catalog v2022-04-05 | CCI-000164 | narrower | Platform Hardening | Platform Hardening | The information system protects audit information from unauthorized deletion. |
CCI Catalog v2022-04-05 | CCI-000185 | narrower | Credential Hardening | Credential Hardening | The information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information. |
CCI Catalog v2022-04-05 | CCI-000186 | narrower | Credential Hardening | Credential Hardening | The information system, for PKI-based authentication, enforces authorized access to the corresponding private key. |
CCI Catalog v2022-04-05 | CCI-000187 | narrower | Credential Hardening | Credential Hardening | The information system, for PKI-based authentication, maps the authenticated identity to the account of the individual or group. |
CCI Catalog v2022-04-05 | CCI-000192 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces password complexity by the minimum number of upper case characters used. |
CCI Catalog v2022-04-05 | CCI-000193 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces password complexity by the minimum number of lower case characters used. |
CCI Catalog v2022-04-05 | CCI-000194 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces password complexity by the minimum number of numeric characters used. |
CCI Catalog v2022-04-05 | CCI-000195 | narrower | Strong Password Policy | Strong Password Policy | The information system, for password-based authentication, when new passwords are created, enforces that at least an organization-defined number of characters are changed. |
CCI Catalog v2022-04-05 | CCI-000196 | narrower | Strong Password Policy | Strong Password Policy | The information system, for password-based authentication, stores only cryptographically-protected passwords. |
CCI Catalog v2022-04-05 | CCI-000197 | narrower | Strong Password Policy | Strong Password Policy | The information system, for password-based authentication, transmits only cryptographically-protected passwords. |
CCI Catalog v2022-04-05 | CCI-000198 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces minimum password lifetime restrictions. |
CCI Catalog v2022-04-05 | CCI-000199 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces maximum password lifetime restrictions. |
CCI Catalog v2022-04-05 | CCI-000200 | narrower | Strong Password Policy | Strong Password Policy | The information system prohibits password reuse for the organization-defined number of generations. |
CCI Catalog v2022-04-05 | CCI-000205 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces minimum password length. |
CCI Catalog v2022-04-05 | CCI-000213 | broader | Biometric Authentication | Biometric Authentication | The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
CCI Catalog v2022-04-05 | CCI-000213 | broader | Certificate-based Authentication | Certificate-based Authentication | The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
CCI Catalog v2022-04-05 | CCI-000213 | broader | Multi-factor Authentication | Multi-factor Authentication | The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
CCI Catalog v2022-04-05 | CCI-000213 | broader | User Account Permissions | User Account Permissions | The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
CCI Catalog v2022-04-05 | CCI-000218 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, when transferring information between different security domains, identifies information flows by data type specification and usage. |
CCI Catalog v2022-04-05 | CCI-000218 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, when transferring information between different security domains, identifies information flows by data type specification and usage. |
CCI Catalog v2022-04-05 | CCI-000219 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, when transferring information between different security domains, decomposes information into organization-defined policy-relevant subcomponents for submission to policy enforcement mechanisms. |
CCI Catalog v2022-04-05 | CCI-000219 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, when transferring information between different security domains, decomposes information into organization-defined policy-relevant subcomponents for submission to policy enforcement mechanisms. |
CCI Catalog v2022-04-05 | CCI-000226 | broader | Execution Isolation | Execution Isolation | The information system provides the capability for a privileged administrator to configure organization-defined security policy filters to support different security policies. |
CCI Catalog v2022-04-05 | CCI-000346 | narrower | Local File Permissions | Local File Permissions | The organization employs automated mechanisms to enforce access restrictions. |
CCI Catalog v2022-04-05 | CCI-000346 | narrower | User Account Permissions | User Account Permissions | The organization employs automated mechanisms to enforce access restrictions. |
CCI Catalog v2022-04-05 | CCI-000352 | narrower | Executable Allowlisting | Executable Allowlisting | The information system prevents the installation of organization-defined critical software programs that are not signed with a certificate that is recognized and approved by the organization. |
CCI Catalog v2022-04-05 | CCI-000352 | narrower | Executable Denylisting | Executable Denylisting | The information system prevents the installation of organization-defined critical software programs that are not signed with a certificate that is recognized and approved by the organization. |
CCI Catalog v2022-04-05 | CCI-000374 | narrower | Operating System Monitoring | Operating System Monitoring | The organization employs automated mechanisms to respond to unauthorized changes to organization-defined configuration settings. |
CCI Catalog v2022-04-05 | CCI-000381 | broader | Platform Hardening | Platform Hardening | The organization configures the information system to provide only essential capabilities. |
CCI Catalog v2022-04-05 | CCI-000382 | broader | Platform Hardening | Platform Hardening | The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
CCI Catalog v2022-04-05 | CCI-000386 | exactly | Executable Denylisting | Executable Denylisting | The organization employs automated mechanisms to prevent program execution on the information system in accordance with the organization-defined specifications. |
CCI Catalog v2022-04-05 | CCI-000417 | broader | Execution Isolation | Execution Isolation | The organization disables network access by unauthorized components/devices or notifies designated organizational officials. |
CCI Catalog v2022-04-05 | CCI-000417 | broader | Network Isolation | Network Isolation | The organization disables network access by unauthorized components/devices or notifies designated organizational officials. |
CCI Catalog v2022-04-05 | CCI-000663 | broader | Execution Isolation | Execution Isolation | The organization (or information system) enforces explicit rules governing the installation of software by users. |
CCI Catalog v2022-04-05 | CCI-000764 | broader | Biometric Authentication | Biometric Authentication | The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
CCI Catalog v2022-04-05 | CCI-000764 | broader | Certificate-based Authentication | Certificate-based Authentication | The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
CCI Catalog v2022-04-05 | CCI-000764 | broader | Multi-factor Authentication | Multi-factor Authentication | The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
CCI Catalog v2022-04-05 | CCI-000764 | broader | One-time Password | One-time Password | The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). |
CCI Catalog v2022-04-05 | CCI-000765 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system implements multifactor authentication for network access to privileged accounts. |
CCI Catalog v2022-04-05 | CCI-000766 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system implements multifactor authentication for network access to non-privileged accounts. |
CCI Catalog v2022-04-05 | CCI-000767 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system implements multifactor authentication for local access to privileged accounts. |
CCI Catalog v2022-04-05 | CCI-000768 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system implements multifactor authentication for local access to non-privileged accounts. |
CCI Catalog v2022-04-05 | CCI-000771 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system uses multifactor authentication for network access to privileged accounts where one of the factors is provided by a device separate from the information system being accessed. |
CCI Catalog v2022-04-05 | CCI-000772 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system uses multifactor authentication for network access to non-privileged accounts where one of the factors is provided by a device separate from the information system being accessed. |
CCI Catalog v2022-04-05 | CCI-000774 | narrower | One-time Password | One-time Password | The information system uses organization-defined replay-resistant authentication mechanisms for network access to privileged accounts. |
CCI Catalog v2022-04-05 | CCI-000776 | narrower | One-time Password | One-time Password | The information system uses organization-defined replay-resistant authentication mechanisms for network access to non-privileged accounts. |
CCI Catalog v2022-04-05 | CCI-000804 | broader | Biometric Authentication | Biometric Authentication | The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users). |
CCI Catalog v2022-04-05 | CCI-000804 | broader | Certificate-based Authentication | Certificate-based Authentication | The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users). |
CCI Catalog v2022-04-05 | CCI-000804 | broader | Multi-factor Authentication | Multi-factor Authentication | The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users). |
CCI Catalog v2022-04-05 | CCI-000804 | broader | One-time Password | One-time Password | The information system uniquely identifies and authenticates non-organizational users (or processes acting on behalf of non-organizational users). |
CCI Catalog v2022-04-05 | CCI-000831 | broader | Credential Eviction | Credential Eviction | The organization implements a configurable capability to automatically disable the information system if organization-defined security violations are detected. |
CCI Catalog v2022-04-05 | CCI-000831 | broader | Process Eviction | Process Eviction | The organization implements a configurable capability to automatically disable the information system if organization-defined security violations are detected. |
CCI Catalog v2022-04-05 | CCI-000877 | broader | Biometric Authentication | Biometric Authentication | The organization employs strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions. |
CCI Catalog v2022-04-05 | CCI-000877 | broader | Certificate-based Authentication | Certificate-based Authentication | The organization employs strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions. |
CCI Catalog v2022-04-05 | CCI-000877 | broader | Multi-factor Authentication | Multi-factor Authentication | The organization employs strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions. |
CCI Catalog v2022-04-05 | CCI-000880 | narrower | Operating System Monitoring | Operating System Monitoring | The organization audits non-local maintenance and diagnostic sessions. |
CCI Catalog v2022-04-05 | CCI-000884 | narrower | Credential Hardening | Credential Hardening | The organization protects nonlocal maintenance sessions by employing organization-defined authenticators that are replay resistant. |
CCI Catalog v2022-04-05 | CCI-000888 | narrower | Encrypted Tunnels | Encrypted Tunnels | The organization employs cryptographic mechanisms to protect the integrity and confidentiality of non-local maintenance and diagnostic communications. |
CCI Catalog v2022-04-05 | CCI-001009 | narrower | File Encryption | File Encryption | The information system uses cryptographic mechanisms to protect and restrict access to information on portable digital media. |
CCI Catalog v2022-04-05 | CCI-001019 | narrower | Disk Encryption | Disk Encryption | The organization employs cryptographic mechanisms to protect information in storage. |
CCI Catalog v2022-04-05 | CCI-001019 | narrower | File Encryption | File Encryption | The organization employs cryptographic mechanisms to protect information in storage. |
CCI Catalog v2022-04-05 | CCI-001067 | narrower | Platform Hardening | Platform Hardening | The information system implements privileged access authorization to organization-identified information system components for selected organization-defined vulnerability scanning activities. |
CCI Catalog v2022-04-05 | CCI-001069 | narrower | Executable Allowlisting | Executable Allowlisting | The organization employs automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-001069 | narrower | Executable Denylisting | Executable Denylisting | The organization employs automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-001082 | broader | Local File Permissions | Local File Permissions | The information system separates user functionality (including user interface services) from information system management functionality. |
CCI Catalog v2022-04-05 | CCI-001082 | broader | System Configuration Permissions | System Configuration Permissions | The information system separates user functionality (including user interface services) from information system management functionality. |
CCI Catalog v2022-04-05 | CCI-001083 | narrower | Local File Permissions | Local File Permissions | The information system prevents the presentation of information system management-related functionality at an interface for non-privileged users. |
CCI Catalog v2022-04-05 | CCI-001083 | narrower | System Configuration Permissions | System Configuration Permissions | The information system prevents the presentation of information system management-related functionality at an interface for non-privileged users. |
CCI Catalog v2022-04-05 | CCI-001084 | narrower | System Configuration Permissions | System Configuration Permissions | The information system isolates security functions from nonsecurity functions. |
CCI Catalog v2022-04-05 | CCI-001085 | broader | Hardware-based Process Isolation | Hardware-based Process Isolation | The information system utilizes underlying hardware separation mechanisms to implement security function isolation. |
CCI Catalog v2022-04-05 | CCI-001086 | narrower | System Configuration Permissions | System Configuration Permissions | The information system isolates security functions enforcing access and information flow control from both nonsecurity functions and from other security functions. |
CCI Catalog v2022-04-05 | CCI-001087 | narrower | System Configuration Permissions | System Configuration Permissions | The organization implements an information system isolation boundary to minimize the number of nonsecurity functions included within the boundary containing security functions. |
CCI Catalog v2022-04-05 | CCI-001089 | narrower | System Configuration Permissions | System Configuration Permissions | The organization implements security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers. |
CCI Catalog v2022-04-05 | CCI-001090 | narrower | Network Traffic Filtering | Network Traffic Filtering | The information system prevents unauthorized and unintended information transfer via shared system resources. |
CCI Catalog v2022-04-05 | CCI-001092 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system protects against or limits the effects of the organization-defined or referenced types of denial of service attacks. |
CCI Catalog v2022-04-05 | CCI-001092 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system protects against or limits the effects of the organization-defined or referenced types of denial of service attacks. |
CCI Catalog v2022-04-05 | CCI-001094 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems. |
CCI Catalog v2022-04-05 | CCI-001094 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems. |
CCI Catalog v2022-04-05 | CCI-001096 | narrower | Local File Permissions | Local File Permissions | The information system limits the use of resources by priority. |
CCI Catalog v2022-04-05 | CCI-001096 | narrower | System Configuration Permissions | System Configuration Permissions | The information system limits the use of resources by priority. |
CCI Catalog v2022-04-05 | CCI-001109 | exactly | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system at managed interfaces denies network communications traffic by default and allows network communications traffic by exception (i.e., deny all, permit by exception). |
CCI Catalog v2022-04-05 | CCI-001109 | exactly | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system at managed interfaces denies network communications traffic by default and allows network communications traffic by exception (i.e., deny all, permit by exception). |
CCI Catalog v2022-04-05 | CCI-001111 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system prevents remote devices that have established a non-remote connection with the system from communicating outside of that communications path with resources in external networks. |
CCI Catalog v2022-04-05 | CCI-001111 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system prevents remote devices that have established a non-remote connection with the system from communicating outside of that communications path with resources in external networks. |
CCI Catalog v2022-04-05 | CCI-001115 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, at managed interfaces, denies network traffic and audits internal users (or malicious code) posing a threat to external information systems. |
CCI Catalog v2022-04-05 | CCI-001115 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, at managed interfaces, denies network traffic and audits internal users (or malicious code) posing a threat to external information systems. |
CCI Catalog v2022-04-05 | CCI-001117 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system checks incoming communications to ensure the communications are coming from an authorized source and routed to an authorized destination. |
CCI Catalog v2022-04-05 | CCI-001117 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system checks incoming communications to ensure the communications are coming from an authorized source and routed to an authorized destination. |
CCI Catalog v2022-04-05 | CCI-001118 | broader | Network Isolation | Network Isolation | The information system implements host-based boundary protection mechanisms for servers, workstations, and mobile devices. |
CCI Catalog v2022-04-05 | CCI-001124 | broader | Broadcast Domain Isolation | Broadcast Domain Isolation | The information system prevents discovery of specific system components composing a managed interface. |
CCI Catalog v2022-04-05 | CCI-001125 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces adherence to protocol format. |
CCI Catalog v2022-04-05 | CCI-001125 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces adherence to protocol format. |
CCI Catalog v2022-04-05 | CCI-001127 | broader | Encrypted Tunnels | Encrypted Tunnels | The information system protects the integrity of transmitted information. |
CCI Catalog v2022-04-05 | CCI-001128 | broader | Encrypted Tunnels | Encrypted Tunnels | The organization employs cryptographic mechanisms to recognize changes to information during transmission unless otherwise protected by alternative physical measures. |
CCI Catalog v2022-04-05 | CCI-001133 | narrower | Session Duration Analysis | Session Duration Analysis | The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity. |
CCI Catalog v2022-04-05 | CCI-001144 | narrower | Disk Encryption | Disk Encryption | The information system implements required cryptographic protections using cryptographic modules that comply with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. |
CCI Catalog v2022-04-05 | CCI-001144 | narrower | File Encryption | File Encryption | The information system implements required cryptographic protections using cryptographic modules that comply with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. |
CCI Catalog v2022-04-05 | CCI-001145 | narrower | Disk Encryption | Disk Encryption | The organization employs, at a minimum, FIPS-validated cryptography to protect unclassified information. |
CCI Catalog v2022-04-05 | CCI-001145 | narrower | File Encryption | File Encryption | The organization employs, at a minimum, FIPS-validated cryptography to protect unclassified information. |
CCI Catalog v2022-04-05 | CCI-001146 | narrower | Disk Encryption | Disk Encryption | The organization employs NSA-approved cryptography to protect classified information. |
CCI Catalog v2022-04-05 | CCI-001146 | narrower | File Encryption | File Encryption | The organization employs NSA-approved cryptography to protect classified information. |
CCI Catalog v2022-04-05 | CCI-001147 | narrower | Disk Encryption | Disk Encryption | The organization employs, at a minimum, FIPS-validated cryptography to protect information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals. |
CCI Catalog v2022-04-05 | CCI-001147 | narrower | File Encryption | File Encryption | The organization employs, at a minimum, FIPS-validated cryptography to protect information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals. |
CCI Catalog v2022-04-05 | CCI-001150 | narrower | Remote Terminal Session Detection | Remote Terminal Session Detection | The information system prohibits remote activation of collaborative computing devices, excluding the organization-defined exceptions where remote activation is to be allowed. |
CCI Catalog v2022-04-05 | CCI-001166 | broader | Dynamic Analysis | Dynamic Analysis | The information system identifies organization-defined unacceptable mobile code. |
CCI Catalog v2022-04-05 | CCI-001166 | broader | Emulated File Analysis | Emulated File Analysis | The information system identifies organization-defined unacceptable mobile code. |
CCI Catalog v2022-04-05 | CCI-001166 | broader | File Content Rules | File Content Rules | The information system identifies organization-defined unacceptable mobile code. |
CCI Catalog v2022-04-05 | CCI-001169 | narrower | Executable Denylisting | Executable Denylisting | The information system prevents the download of organization-defined unacceptable mobile code. |
CCI Catalog v2022-04-05 | CCI-001170 | narrower | Executable Denylisting | Executable Denylisting | The information system prevents the automatic execution of mobile code in organization-defined software applications. |
CCI Catalog v2022-04-05 | CCI-001178 | narrower | Domain Trust Policy | Domain Trust Policy | The information system provides additional data origin authentication artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries. |
CCI Catalog v2022-04-05 | CCI-001185 | narrower | Authentication Cache Invalidation | Authentication Cache Invalidation | The information system invalidates session identifiers upon user logout or other session termination. |
CCI Catalog v2022-04-05 | CCI-001199 | broader | Disk Encryption | Disk Encryption | The information system protects the confidentiality and/or integrity of organization-defined information at rest. |
CCI Catalog v2022-04-05 | CCI-001199 | broader | File Content Rules | File Content Rules | The information system protects the confidentiality and/or integrity of organization-defined information at rest. |
CCI Catalog v2022-04-05 | CCI-001199 | broader | File Encryption | File Encryption | The information system protects the confidentiality and/or integrity of organization-defined information at rest. |
CCI Catalog v2022-04-05 | CCI-001199 | broader | File Hashing | File Hashing | The information system protects the confidentiality and/or integrity of organization-defined information at rest. |
CCI Catalog v2022-04-05 | CCI-001199 | broader | Local File Permissions | Local File Permissions | The information system protects the confidentiality and/or integrity of organization-defined information at rest. |
CCI Catalog v2022-04-05 | CCI-001200 | narrower | Disk Encryption | Disk Encryption | The organization employs cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures. |
CCI Catalog v2022-04-05 | CCI-001200 | narrower | File Encryption | File Encryption | The organization employs cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures. |
CCI Catalog v2022-04-05 | CCI-001210 | narrower | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system, at organization-defined information system components, loads and executes the operating environment from hardware-enforced, read-only media. |
CCI Catalog v2022-04-05 | CCI-001211 | narrower | Application Configuration Hardening | Application Configuration Hardening | The information system, at organization-defined information system components, loads and executes organization-defined applications from hardware-enforced, read-only media. |
CCI Catalog v2022-04-05 | CCI-001233 | narrower | Software Update | Software Update | The organization employs automated mechanisms on an organization-defined frequency to determine the state of information system components with regard to flaw remediation. |
CCI Catalog v2022-04-05 | CCI-001237 | narrower | Software Update | Software Update | The organization employs automated patch management tools to facilitate flaw remediation to organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-001239 | broader | File Analysis | File Analysis | The organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001239 | broader | Network Traffic Analysis | Network Traffic Analysis | The organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001239 | broader | Platform Monitoring | Platform Monitoring | The organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001239 | broader | Process Analysis | Process Analysis | The organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001242 | broader | Dynamic Analysis | Dynamic Analysis | The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy. |
CCI Catalog v2022-04-05 | CCI-001242 | broader | Emulated File Analysis | Emulated File Analysis | The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy. |
CCI Catalog v2022-04-05 | CCI-001242 | broader | File Content Rules | File Content Rules | The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy. |
CCI Catalog v2022-04-05 | CCI-001262 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system monitors inbound and outbound communications for unusual or unauthorized activities or conditions. |
CCI Catalog v2022-04-05 | CCI-001262 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system monitors inbound and outbound communications for unusual or unauthorized activities or conditions. |
CCI Catalog v2022-04-05 | CCI-001297 | broader | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system detects unauthorized changes to software and information. |
CCI Catalog v2022-04-05 | CCI-001297 | broader | File Hashing | File Hashing | The information system detects unauthorized changes to software and information. |
CCI Catalog v2022-04-05 | CCI-001297 | broader | Pointer Authentication | Pointer Authentication | The information system detects unauthorized changes to software and information. |
CCI Catalog v2022-04-05 | CCI-001297 | broader | TPM Boot Integrity | TPM Boot Integrity | The information system detects unauthorized changes to software and information. |
CCI Catalog v2022-04-05 | CCI-001305 | broader | Message Authentication | Message Authentication | The organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001305 | broader | Sender MTA Reputation Analysis | Sender MTA Reputation Analysis | The organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001305 | broader | Sender Reputation Analysis | Sender Reputation Analysis | The organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001305 | broader | Transfer Agent Authentication | Transfer Agent Authentication | The organization employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001310 | broader | Database Query String Analysis | Database Query String Analysis | The information system checks the validity of organization-defined inputs. |
CCI Catalog v2022-04-05 | CCI-001350 | narrower | File Encryption | File Encryption | The information system implements cryptographic mechanisms to protect the integrity of audit information. |
CCI Catalog v2022-04-05 | CCI-001356 | exactly | Authentication Event Thresholding | Authentication Event Thresholding | The organization monitors for atypical usage of information system accounts. |
CCI Catalog v2022-04-05 | CCI-001356 | exactly | Authorization Event Thresholding | Authorization Event Thresholding | The organization monitors for atypical usage of information system accounts. |
CCI Catalog v2022-04-05 | CCI-001368 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces approved authorizations for controlling the flow of information within the system based on organization-defined information flow control policies. |
CCI Catalog v2022-04-05 | CCI-001368 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces approved authorizations for controlling the flow of information within the system based on organization-defined information flow control policies. |
CCI Catalog v2022-04-05 | CCI-001372 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, when transferring information between different security domains, implements organization-defined security policy filters requiring fully enumerated formats that restrict data structure and content. |
CCI Catalog v2022-04-05 | CCI-001372 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, when transferring information between different security domains, implements organization-defined security policy filters requiring fully enumerated formats that restrict data structure and content. |
CCI Catalog v2022-04-05 | CCI-001373 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, when transferring information between different security domains, examines the information for the presence of organization-defined unsanctioned information. |
CCI Catalog v2022-04-05 | CCI-001373 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, when transferring information between different security domains, examines the information for the presence of organization-defined unsanctioned information. |
CCI Catalog v2022-04-05 | CCI-001374 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, when transferring information between different security domains, prohibits the transfer of organization-defined unsanctioned information in accordance with the organization-defined security policy. |
CCI Catalog v2022-04-05 | CCI-001374 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, when transferring information between different security domains, prohibits the transfer of organization-defined unsanctioned information in accordance with the organization-defined security policy. |
CCI Catalog v2022-04-05 | CCI-001376 | narrower | Domain Trust Policy | Domain Trust Policy | The information system uniquely identifies source domains for information transfer. |
CCI Catalog v2022-04-05 | CCI-001377 | narrower | Domain Trust Policy | Domain Trust Policy | The information system uniquely authenticates source domains for information transfer. |
CCI Catalog v2022-04-05 | CCI-001399 | broader | User Account Permissions | User Account Permissions | The information system supports and maintains the binding of organization-defined security attributes to information in storage. |
CCI Catalog v2022-04-05 | CCI-001400 | broader | User Account Permissions | User Account Permissions | The information system supports and maintains the binding of organization-defined security attributes to information in process. |
CCI Catalog v2022-04-05 | CCI-001401 | broader | User Account Permissions | User Account Permissions | The information system supports and maintains the binding of organization-defined security attributes to information in transmission. |
CCI Catalog v2022-04-05 | CCI-001403 | exactly | Domain Account Monitoring | Domain Account Monitoring | The information system automatically audits account modification actions. |
CCI Catalog v2022-04-05 | CCI-001404 | exactly | Domain Account Monitoring | Domain Account Monitoring | The information system automatically audits account disabling actions. |
CCI Catalog v2022-04-05 | CCI-001405 | exactly | Domain Account Monitoring | Domain Account Monitoring | The information system automatically audits account removal actions. |
CCI Catalog v2022-04-05 | CCI-001414 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies. |
CCI Catalog v2022-04-05 | CCI-001414 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies. |
CCI Catalog v2022-04-05 | CCI-001424 | broader | User Account Permissions | User Account Permissions | The information system dynamically associates security attributes with organization-defined subjects in accordance with organization-defined security policies as information is created and combined. |
CCI Catalog v2022-04-05 | CCI-001425 | broader | User Account Permissions | User Account Permissions | The information system provides authorized individuals (or processes acting on behalf of individuals) the capability to change the value of associated security attributes. |
CCI Catalog v2022-04-05 | CCI-001426 | broader | User Account Permissions | User Account Permissions | The information system maintains the binding of security attributes to information with sufficient assurance that the information--attribute association can be used as the basis for automated policy actions. |
CCI Catalog v2022-04-05 | CCI-001427 | broader | User Account Permissions | User Account Permissions | The information system allows authorized users to associate security attributes with information. |
CCI Catalog v2022-04-05 | CCI-001428 | broader | User Account Permissions | User Account Permissions | The information system displays security attributes in human-readable form on each object that the system transmits to output devices to identify organization-identified special dissemination, handling, or distribution instructions using organization-identified human-readable, standard naming conventions. |
CCI Catalog v2022-04-05 | CCI-001436 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
CCI Catalog v2022-04-05 | CCI-001436 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
CCI Catalog v2022-04-05 | CCI-001452 | narrower | Account Locking | Account Locking | The information system enforces the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted. |
CCI Catalog v2022-04-05 | CCI-001453 | exactly | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to protect the integrity of remote access sessions. |
CCI Catalog v2022-04-05 | CCI-001454 | narrower | Remote Terminal Session Detection | Remote Terminal Session Detection | The organization ensures that remote sessions for accessing an organization-defined list of security functions and security-relevant information are audited. |
CCI Catalog v2022-04-05 | CCI-001494 | narrower | Platform Hardening | Platform Hardening | The information system protects audit tools from unauthorized modification. |
CCI Catalog v2022-04-05 | CCI-001494 | narrower | System Configuration Permissions | System Configuration Permissions | The information system protects audit tools from unauthorized modification. |
CCI Catalog v2022-04-05 | CCI-001495 | narrower | Platform Hardening | Platform Hardening | The information system protects audit tools from unauthorized deletion. |
CCI Catalog v2022-04-05 | CCI-001496 | narrower | File Encryption | File Encryption | The information system implements cryptographic mechanisms to protect the integrity of audit tools. |
CCI Catalog v2022-04-05 | CCI-001499 | narrower | System Configuration Permissions | System Configuration Permissions | The organization limits privileges to change software resident within software libraries. |
CCI Catalog v2022-04-05 | CCI-001499 | narrower | User Account Permissions | User Account Permissions | The organization limits privileges to change software resident within software libraries. |
CCI Catalog v2022-04-05 | CCI-001555 | narrower | Domain Trust Policy | Domain Trust Policy | The information system uniquely identifies destination domains for information transfer. |
CCI Catalog v2022-04-05 | CCI-001556 | narrower | Domain Trust Policy | Domain Trust Policy | The information system uniquely authenticates destination domains for information transfer. |
CCI Catalog v2022-04-05 | CCI-001557 | broader | Network Traffic Analysis | Network Traffic Analysis | The information system tracks problems associated with the information transfer. |
CCI Catalog v2022-04-05 | CCI-001574 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system rejects or delays, as defined by the organization, network traffic which exceed the organization-defined thresholds. |
CCI Catalog v2022-04-05 | CCI-001574 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system rejects or delays, as defined by the organization, network traffic which exceed the organization-defined thresholds. |
CCI Catalog v2022-04-05 | CCI-001589 | narrower | Operating System Monitoring | Operating System Monitoring | The organization incorporates detection of unauthorized, security-relevant configuration changes into the organization’s incident response capability to ensure they are tracked. |
CCI Catalog v2022-04-05 | CCI-001619 | narrower | Strong Password Policy | Strong Password Policy | The information system enforces password complexity by the minimum number of special characters used. |
CCI Catalog v2022-04-05 | CCI-001632 | exactly | Encrypted Tunnels | Encrypted Tunnels | The organization protects nonlocal maintenance sessions by separating the maintenance session from other network sessions with the information system by either physically separated communications paths or logically separated communications paths based upon encryption. |
CCI Catalog v2022-04-05 | CCI-001662 | narrower | Dynamic Analysis | Dynamic Analysis | The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified. |
CCI Catalog v2022-04-05 | CCI-001662 | narrower | Emulated File Analysis | Emulated File Analysis | The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified. |
CCI Catalog v2022-04-05 | CCI-001662 | narrower | File Content Rules | File Content Rules | The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified. |
CCI Catalog v2022-04-05 | CCI-001668 | broader | File Analysis | File Analysis | The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001668 | broader | Network Traffic Analysis | Network Traffic Analysis | The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001668 | broader | Platform Monitoring | Platform Monitoring | The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001668 | broader | Process Analysis | Process Analysis | The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities. |
CCI Catalog v2022-04-05 | CCI-001677 | broader | Message Authentication | Message Authentication | The organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001677 | broader | Sender MTA Reputation Analysis | Sender MTA Reputation Analysis | The organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001677 | broader | Sender Reputation Analysis | Sender Reputation Analysis | The organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001677 | broader | Transfer Agent Authentication | Transfer Agent Authentication | The organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means. |
CCI Catalog v2022-04-05 | CCI-001682 | narrower | Account Locking | Account Locking | The information system automatically removes or disables emergency accounts after an organization-defined time period for each type of account. |
CCI Catalog v2022-04-05 | CCI-001683 | narrower | Domain Account Monitoring | Domain Account Monitoring | The information system notifies organization-defined personnel or roles for account creation actions. |
CCI Catalog v2022-04-05 | CCI-001684 | narrower | Domain Account Monitoring | Domain Account Monitoring | The information system notifies organization-defined personnel or roles for account modification actions. |
CCI Catalog v2022-04-05 | CCI-001685 | narrower | Domain Account Monitoring | Domain Account Monitoring | The information system notifies organization-defined personnel or roles for account disabling actions. |
CCI Catalog v2022-04-05 | CCI-001686 | narrower | Domain Account Monitoring | Domain Account Monitoring | The information system notifies organization-defined personnel or roles for account removal actions. |
CCI Catalog v2022-04-05 | CCI-001695 | narrower | Executable Denylisting | Executable Denylisting | The information system prevents the execution of organization-defined unacceptable mobile code. |
CCI Catalog v2022-04-05 | CCI-001744 | broader | Operating System Monitoring | Operating System Monitoring | The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner. |
CCI Catalog v2022-04-05 | CCI-001749 | narrower | Executable Allowlisting | Executable Allowlisting | The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. |
CCI Catalog v2022-04-05 | CCI-001749 | narrower | Executable Denylisting | Executable Denylisting | The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. |
CCI Catalog v2022-04-05 | CCI-001762 | narrower | System Configuration Permissions | System Configuration Permissions | The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure. |
CCI Catalog v2022-04-05 | CCI-001764 | broader | Executable Allowlisting | Executable Allowlisting | The information system prevents program execution in accordance with organization-defined policies regarding software program usage and restrictions, and/or rules authorizing the terms and conditions of software program usage. |
CCI Catalog v2022-04-05 | CCI-001764 | broader | Executable Denylisting | Executable Denylisting | The information system prevents program execution in accordance with organization-defined policies regarding software program usage and restrictions, and/or rules authorizing the terms and conditions of software program usage. |
CCI Catalog v2022-04-05 | CCI-001767 | narrower | Executable Denylisting | Executable Denylisting | The organization employs an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system. |
CCI Catalog v2022-04-05 | CCI-001774 | narrower | Executable Allowlisting | Executable Allowlisting | The organization employs a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the information system. |
CCI Catalog v2022-04-05 | CCI-001811 | narrower | File Analysis | File Analysis | The information system alerts organization-defined personnel or roles when the unauthorized installation of software is detected. |
CCI Catalog v2022-04-05 | CCI-001812 | narrower | Executable Allowlisting | Executable Allowlisting | The information system prohibits user installation of software without explicit privileged status. |
CCI Catalog v2022-04-05 | CCI-001812 | narrower | Executable Denylisting | Executable Denylisting | The information system prohibits user installation of software without explicit privileged status. |
CCI Catalog v2022-04-05 | CCI-001813 | broader | User Account Permissions | User Account Permissions | The information system enforces access restrictions. |
CCI Catalog v2022-04-05 | CCI-001855 | narrower | System Daemon Monitoring | System Daemon Monitoring | The information system provides a warning to organization-defined personnel, roles, and/or locations within an organization-defined time period when allocated audit record storage volume reaches an organization-defined percentage of repository maximum audit record storage capacity. |
CCI Catalog v2022-04-05 | CCI-001858 | narrower | System Daemon Monitoring | System Daemon Monitoring | The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur. |
CCI Catalog v2022-04-05 | CCI-001936 | narrower | Multi-factor Authentication | Multi-factor Authentication | The information system implements multifactor authentication for network access to privileged accounts such that one of the factors is provided by a device separate from the system gaining access. |
CCI Catalog v2022-04-05 | CCI-001937 | narrower | Multi-factor Authentication | Multi-factor Authentication | The device used in the information system implementation of multifactor authentication for network access to privileged accounts meets organization-defined strength of mechanism requirements. |
CCI Catalog v2022-04-05 | CCI-001941 | narrower | One-time Password | One-time Password | The information system implements replay-resistant authentication mechanisms for network access to privileged accounts. |
CCI Catalog v2022-04-05 | CCI-001953 | broader | Biometric Authentication | Biometric Authentication | The information system accepts Personal Identity Verification (PIV) credentials. |
CCI Catalog v2022-04-05 | CCI-001953 | broader | Certificate-based Authentication | Certificate-based Authentication | The information system accepts Personal Identity Verification (PIV) credentials. |
CCI Catalog v2022-04-05 | CCI-001954 | narrower | Biometric Authentication | Biometric Authentication | The information system electronically verifies Personal Identity Verification (PIV) credentials. |
CCI Catalog v2022-04-05 | CCI-001954 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system electronically verifies Personal Identity Verification (PIV) credentials. |
CCI Catalog v2022-04-05 | CCI-001957 | broader | One-time Password | One-time Password | The information system implements organization-defined out-of-band authentication under organization-defined conditions. |
CCI Catalog v2022-04-05 | CCI-001991 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system, for PKI-based authentication, implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network. |
CCI Catalog v2022-04-05 | CCI-002005 | narrower | Biometric Authentication | Biometric Authentication | The information system, for biometric-based authentication, employs mechanisms that satisfy organization-defined biometric quality requirements. |
CCI Catalog v2022-04-05 | CCI-002009 | narrower | Biometric Authentication | Biometric Authentication | The information system accepts Personal Identity Verification (PIV) credentials from other federal agencies. |
CCI Catalog v2022-04-05 | CCI-002009 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system accepts Personal Identity Verification (PIV) credentials from other federal agencies. |
CCI Catalog v2022-04-05 | CCI-002010 | narrower | Biometric Authentication | Biometric Authentication | The information system electronically verifies Personal Identity Verification (PIV) credentials from other federal agencies. |
CCI Catalog v2022-04-05 | CCI-002010 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system electronically verifies Personal Identity Verification (PIV) credentials from other federal agencies. |
CCI Catalog v2022-04-05 | CCI-002015 | narrower | Biometric Authentication | Biometric Authentication | The information system accepts Personal Identity Verification-I (PIV-I) credentials. |
CCI Catalog v2022-04-05 | CCI-002015 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system accepts Personal Identity Verification-I (PIV-I) credentials. |
CCI Catalog v2022-04-05 | CCI-002016 | narrower | Biometric Authentication | Biometric Authentication | The information system electronically verifies Personal Identity Verification-I (PIV-I) credentials. |
CCI Catalog v2022-04-05 | CCI-002016 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system electronically verifies Personal Identity Verification-I (PIV-I) credentials. |
CCI Catalog v2022-04-05 | CCI-002041 | narrower | Strong Password Policy | Strong Password Policy | The information system allows the use of a temporary password for system logons with an immediate change to a permanent password. |
CCI Catalog v2022-04-05 | CCI-002145 | narrower | User Account Permissions | User Account Permissions | The information system enforces organization-defined circumstances and/or usage conditions for organization-defined information system accounts. |
CCI Catalog v2022-04-05 | CCI-002178 | narrower | System Call Filtering | System Call Filtering | The information system enforces the revocation of access authorizations resulting from changes to the security attributes of subjects based on organization-defined rules governing the timing of revocations of access authorizations. |
CCI Catalog v2022-04-05 | CCI-002179 | narrower | System Call Filtering | System Call Filtering | The information system enforces the revocation of access authorizations resulting from changes to the security attributes of objects based on organization-defined rules governing the timing of revocations of access authorizations. |
CCI Catalog v2022-04-05 | CCI-002201 | narrower | Domain Trust Policy | Domain Trust Policy | The information system, when transferring information between different security domains, uses organization-defined data type identifiers to validate data essential for information flow decisions. |
CCI Catalog v2022-04-05 | CCI-002205 | narrower | Domain Trust Policy | Domain Trust Policy | The information system uniquely identifies and authenticates source by organization, system, application, and/or individual for information transfer. |
CCI Catalog v2022-04-05 | CCI-002207 | narrower | Domain Trust Policy | Domain Trust Policy | The information system uniquely identifies and authenticates destination by organization, system, application, and/or individual for information transfer. |
CCI Catalog v2022-04-05 | CCI-002211 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, when transferring information between different security domains, applies the same security policy filtering to metadata as it applies to data payloads. |
CCI Catalog v2022-04-05 | CCI-002211 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, when transferring information between different security domains, applies the same security policy filtering to metadata as it applies to data payloads. |
CCI Catalog v2022-04-05 | CCI-002218 | narrower | Domain Trust Policy | Domain Trust Policy | The information system provides access from a single device to computing platforms, applications, or data residing on multiple different security domains, while preventing any information flow between the different security domains. |
CCI Catalog v2022-04-05 | CCI-002233 | narrower | Executable Denylisting | Executable Denylisting | The information system prevents organization-defined software from executing at higher privilege levels than users executing the software. |
CCI Catalog v2022-04-05 | CCI-002235 | narrower | System Configuration Permissions | System Configuration Permissions | The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. |
CCI Catalog v2022-04-05 | CCI-002238 | narrower | Account Locking | Account Locking | The information system automatically locks the account or node for either an organization-defined time period, until the locked account or node is released by an administrator, or delays the next logon prompt according to the organization-defined delay algorithm when the maximum number of unsuccessful logon attempts is exceeded. |
CCI Catalog v2022-04-05 | CCI-002262 | broader | User Account Permissions | User Account Permissions | The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in storage. |
CCI Catalog v2022-04-05 | CCI-002263 | broader | User Account Permissions | User Account Permissions | The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in process. |
CCI Catalog v2022-04-05 | CCI-002264 | broader | User Account Permissions | User Account Permissions | The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission. |
CCI Catalog v2022-04-05 | CCI-002272 | broader | User Account Permissions | User Account Permissions | The information system dynamically associates security attributes with organization-defined objects in accordance with organization-defined security policies as information is created and combined. |
CCI Catalog v2022-04-05 | CCI-002277 | broader | User Account Permissions | User Account Permissions | The information system provides authorized individuals (or processes acting on behalf of individuals) the capability to define the value of associated security attributes. |
CCI Catalog v2022-04-05 | CCI-002281 | broader | User Account Permissions | User Account Permissions | The information system maintains the association of organization-defined security attributes to organization-defined subjects. |
CCI Catalog v2022-04-05 | CCI-002282 | broader | User Account Permissions | User Account Permissions | The information system maintains the association of organization-defined security attributes to organization-defined objects. |
CCI Catalog v2022-04-05 | CCI-002283 | broader | User Account Permissions | User Account Permissions | The information system maintains the integrity of organization-defined security attributes associated with organization-defined subjects. |
CCI Catalog v2022-04-05 | CCI-002284 | broader | User Account Permissions | User Account Permissions | The information system maintains the integrity of organization-defined security attributes associated with organization-defined objects. |
CCI Catalog v2022-04-05 | CCI-002289 | broader | User Account Permissions | User Account Permissions | The information system supports the association of organization-defined security attributes with organization-defined subjects by authorized individuals (or processes acting on behalf of individuals). |
CCI Catalog v2022-04-05 | CCI-002290 | broader | User Account Permissions | User Account Permissions | The information system supports the association of organization-defined security attributes with organization-defined objects by authorized individuals (or processes acting on behalf of individuals). |
CCI Catalog v2022-04-05 | CCI-002302 | broader | User Account Permissions | User Account Permissions | The information system implements organization-defined techniques or technologies with an organization-defined level of assurance in associating security attributes to information. |
CCI Catalog v2022-04-05 | CCI-002306 | broader | System Configuration Permissions | System Configuration Permissions | The information system provides authorized individuals the capability to define or change the type of security attributes available for association with subjects. |
CCI Catalog v2022-04-05 | CCI-002306 | broader | User Account Permissions | User Account Permissions | The information system provides authorized individuals the capability to define or change the type of security attributes available for association with subjects. |
CCI Catalog v2022-04-05 | CCI-002307 | broader | System Configuration Permissions | System Configuration Permissions | The information system provides authorized individuals the capability to define or change the value of security attributes available for association with subjects. |
CCI Catalog v2022-04-05 | CCI-002307 | broader | User Account Permissions | User Account Permissions | The information system provides authorized individuals the capability to define or change the value of security attributes available for association with subjects. |
CCI Catalog v2022-04-05 | CCI-002308 | broader | System Configuration Permissions | System Configuration Permissions | The information system provides authorized individuals the capability to define or change the type of security attributes available for association with objects. |
CCI Catalog v2022-04-05 | CCI-002308 | broader | User Account Permissions | User Account Permissions | The information system provides authorized individuals the capability to define or change the type of security attributes available for association with objects. |
CCI Catalog v2022-04-05 | CCI-002309 | broader | System Configuration Permissions | System Configuration Permissions | The information system provides authorized individuals the capability to define or change the value of security attributes available for association with objects. |
CCI Catalog v2022-04-05 | CCI-002309 | broader | User Account Permissions | User Account Permissions | The information system provides authorized individuals the capability to define or change the value of security attributes available for association with objects. |
CCI Catalog v2022-04-05 | CCI-002322 | narrower | Remote Terminal Session Detection | Remote Terminal Session Detection | The organization provides the capability to expeditiously disconnect or disable remote access to the information system within the organization-defined time period. |
CCI Catalog v2022-04-05 | CCI-002346 | broader | Database Query String Analysis | Database Query String Analysis | The organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining. |
CCI Catalog v2022-04-05 | CCI-002346 | broader | Disk Encryption | Disk Encryption | The organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining. |
CCI Catalog v2022-04-05 | CCI-002346 | broader | File Encryption | File Encryption | The organization employs organization-defined data mining prevention techniques for organization-defined data storage objects to adequately protect against data mining. |
CCI Catalog v2022-04-05 | CCI-002347 | broader | File Access Pattern Analysis | File Access Pattern Analysis | The organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts. |
CCI Catalog v2022-04-05 | CCI-002347 | broader | Input Device Analysis | Input Device Analysis | The organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts. |
CCI Catalog v2022-04-05 | CCI-002347 | broader | Resource Access Pattern Analysis | Resource Access Pattern Analysis | The organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts. |
CCI Catalog v2022-04-05 | CCI-002347 | broader | User Data Transfer Analysis | User Data Transfer Analysis | The organization employs organization-defined data mining detection techniques for organization-defined data storage objects to adequately detect data mining attempts. |
CCI Catalog v2022-04-05 | CCI-002353 | broader | User Account Permissions | User Account Permissions | The information system transmits organization-defined access authorization information using organization-defined security safeguards to organization-defined information systems which enforce access control decisions. |
CCI Catalog v2022-04-05 | CCI-002355 | broader | User Account Permissions | User Account Permissions | The information system enforces access control decisions based on organization-defined security attributes that do not include the identity of the user or process acting on behalf of the user. |
CCI Catalog v2022-04-05 | CCI-002357 | narrower | User Account Permissions | User Account Permissions | The information system implements a reference monitor for organization-defined access control policies that is tamperproof. |
CCI Catalog v2022-04-05 | CCI-002358 | narrower | User Account Permissions | User Account Permissions | The information system implements a reference monitor for organization-defined access control policies that is always invoked. |
CCI Catalog v2022-04-05 | CCI-002359 | narrower | User Account Permissions | User Account Permissions | The information system implements a reference monitor for organization-defined access control policies that is small enough to be subject to analysis and testing, the completeness of which can be assured. |
CCI Catalog v2022-04-05 | CCI-002361 | narrower | Process Termination | Process Termination | The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect. |
CCI Catalog v2022-04-05 | CCI-002363 | narrower | Process Termination | Process Termination | The information system provides a logout capability for user-initiated communications sessions whenever authentication is used to gain access to organization-defined information resources. |
CCI Catalog v2022-04-05 | CCI-002364 | narrower | Process Termination | Process Termination | The information system displays an explicit logout message to users indicating the reliable termination of authenticated communications sessions. |
CCI Catalog v2022-04-05 | CCI-002381 | broader | Hardware-based Process Isolation | Hardware-based Process Isolation | The organization minimizes the number of nonsecurity functions included within the isolation boundary containing security functions. |
CCI Catalog v2022-04-05 | CCI-002381 | broader | Kernel-based Process Isolation | Kernel-based Process Isolation | The organization minimizes the number of nonsecurity functions included within the isolation boundary containing security functions. |
CCI Catalog v2022-04-05 | CCI-002382 | broader | Hardware-based Process Isolation | Hardware-based Process Isolation | The organization implements security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules. |
CCI Catalog v2022-04-05 | CCI-002382 | broader | Kernel-based Process Isolation | Kernel-based Process Isolation | The organization implements security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules. |
CCI Catalog v2022-04-05 | CCI-002384 | narrower | Network Traffic Filtering | Network Traffic Filtering | The information system prevents unauthorized information transfer via shared resources in accordance with organization-defined procedures when system processing explicitly switches between different information classification levels or security categories. |
CCI Catalog v2022-04-05 | CCI-002385 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards. |
CCI Catalog v2022-04-05 | CCI-002385 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards. |
CCI Catalog v2022-04-05 | CCI-002394 | narrower | System Configuration Permissions | System Configuration Permissions | The information system protects the availability of resources by allocating organization-defined resources based on priority, quota, and/or organization-defined security safeguards. |
CCI Catalog v2022-04-05 | CCI-002397 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system, in conjunction with a remote device, prevents the device from simultaneously establishing non-remote connections with the system and communicating via some other connection to resources in external networks. |
CCI Catalog v2022-04-05 | CCI-002397 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system, in conjunction with a remote device, prevents the device from simultaneously establishing non-remote connections with the system and communicating via some other connection to resources in external networks. |
CCI Catalog v2022-04-05 | CCI-002400 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system audits the identity of internal users associated with denied outgoing communications traffic posing a threat to external information systems. |
CCI Catalog v2022-04-05 | CCI-002403 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations. |
CCI Catalog v2022-04-05 | CCI-002403 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations. |
CCI Catalog v2022-04-05 | CCI-002409 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system blocks both inbound and outbound communications traffic between organization-defined communication clients that are independently configured by end users and external service providers. |
CCI Catalog v2022-04-05 | CCI-002409 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system blocks both inbound and outbound communications traffic between organization-defined communication clients that are independently configured by end users and external service providers. |
CCI Catalog v2022-04-05 | CCI-002411 | broader | Hardware-based Process Isolation | Hardware-based Process Isolation | The information system provides the capability to dynamically isolate/segregate organization-defined information system components from other components of the system. |
CCI Catalog v2022-04-05 | CCI-002411 | broader | IO Port Restriction | IO Port Restriction | The information system provides the capability to dynamically isolate/segregate organization-defined information system components from other components of the system. |
CCI Catalog v2022-04-05 | CCI-002411 | broader | Kernel-based Process Isolation | Kernel-based Process Isolation | The information system provides the capability to dynamically isolate/segregate organization-defined information system components from other components of the system. |
CCI Catalog v2022-04-05 | CCI-002420 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system maintains the confidentiality and/or integrity of information during preparation for transmission. |
CCI Catalog v2022-04-05 | CCI-002421 | broader | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards. |
CCI Catalog v2022-04-05 | CCI-002422 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system maintains the confidentiality and/or integrity of information during reception. |
CCI Catalog v2022-04-05 | CCI-002423 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to protect message externals (e.g., message headers and routing information) unless otherwise protected by organization-defined alternative physical safeguards. |
CCI Catalog v2022-04-05 | CCI-002425 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to conceal or randomize communication patterns unless otherwise protected by organization-defined alternative physical safeguards. |
CCI Catalog v2022-04-05 | CCI-002426 | broader | Encrypted Tunnels | Encrypted Tunnels | The information system provides a trusted communications path that is logically isolated and distinguishable from other paths. |
CCI Catalog v2022-04-05 | CCI-002460 | narrower | Executable Denylisting | Executable Denylisting | The information system enforces organization-defined actions prior to executing mobile code. |
CCI Catalog v2022-04-05 | CCI-002462 | narrower | Domain Trust Policy | Domain Trust Policy | The information system provides additional data integrity verification artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries. |
CCI Catalog v2022-04-05 | CCI-002463 | narrower | Domain Trust Policy | Domain Trust Policy | The information system provides data origin artifacts for internal name/address resolution queries. |
CCI Catalog v2022-04-05 | CCI-002464 | narrower | Domain Trust Policy | Domain Trust Policy | The information system provides data integrity protection artifacts for internal name/address resolution queries. |
CCI Catalog v2022-04-05 | CCI-002465 | narrower | Domain Trust Policy | Domain Trust Policy | The information system requests data origin authentication verification on the name/address resolution responses the system receives from authoritative sources. |
CCI Catalog v2022-04-05 | CCI-002466 | narrower | Domain Trust Policy | Domain Trust Policy | The information system requests data integrity verification on the name/address resolution responses the system receives from authoritative sources. |
CCI Catalog v2022-04-05 | CCI-002467 | narrower | DNS Traffic Analysis | DNS Traffic Analysis | The information system performs data integrity verification on the name/address resolution responses the system receives from authoritative sources. |
CCI Catalog v2022-04-05 | CCI-002468 | narrower | DNS Traffic Analysis | DNS Traffic Analysis | The information system performs data origin verification authentication on the name/address resolution responses the system receives from authoritative sources. |
CCI Catalog v2022-04-05 | CCI-002470 | narrower | Certificate Pinning | Certificate Pinning | The information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions. |
CCI Catalog v2022-04-05 | CCI-002470 | narrower | Certificate-based Authentication | Certificate-based Authentication | The information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions. |
CCI Catalog v2022-04-05 | CCI-002475 | narrower | Disk Encryption | Disk Encryption | The information system implements cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest on organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-002475 | narrower | File Encryption | File Encryption | The information system implements cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest on organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-002476 | narrower | Disk Encryption | Disk Encryption | The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-002476 | narrower | File Encryption | File Encryption | The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-002530 | broader | Hardware-based Process Isolation | Hardware-based Process Isolation | The information system maintains a separate execution domain for each executing process. |
CCI Catalog v2022-04-05 | CCI-002530 | broader | Kernel-based Process Isolation | Kernel-based Process Isolation | The information system maintains a separate execution domain for each executing process. |
CCI Catalog v2022-04-05 | CCI-002531 | broader | Hardware-based Process Isolation | Hardware-based Process Isolation | The information system implements underlying hardware separation mechanisms to facilitate process separation. |
CCI Catalog v2022-04-05 | CCI-002533 | narrower | Kernel-based Process Isolation | Kernel-based Process Isolation | The information system maintains a separate execution domain for each thread in organization-defined multi-threaded processing. |
CCI Catalog v2022-04-05 | CCI-002536 | broader | RF Shielding | RF Shielding | The information system protects organization-defined external and internal wireless links from organization-defined types of signal parameter attacks or references to sources for such attacks. |
CCI Catalog v2022-04-05 | CCI-002546 | broader | IO Port Restriction | IO Port Restriction | The organization physically disables or removes organization-defined connection ports or input/output devices on organization-defined information systems or information system components. |
CCI Catalog v2022-04-05 | CCI-002605 | narrower | Software Update | Software Update | The organization installs security-relevant software updates within an organization-defined time period of the release of the updates. |
CCI Catalog v2022-04-05 | CCI-002607 | narrower | Software Update | Software Update | The organization installs security-relevant firmware updates within an organization-defined time period of the release of the updates. |
CCI Catalog v2022-04-05 | CCI-002613 | narrower | Software Update | Software Update | The organization installs organization-defined security-relevant software updates automatically to organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-002614 | narrower | Software Update | Software Update | The organization installs organization-defined security-relevant firmware updates automatically to organization-defined information system components. |
CCI Catalog v2022-04-05 | CCI-002617 | narrower | Software Update | Software Update | The organization removes organization-defined software components (e.g., previous versions) after updated versions have been installed. |
CCI Catalog v2022-04-05 | CCI-002618 | narrower | Software Update | Software Update | The organization removes organization-defined firmware components (e.g., previous versions) after updated versions have been installed. |
CCI Catalog v2022-04-05 | CCI-002630 | broader | Script Execution Analysis | Script Execution Analysis | The information system detects organization-defined unauthorized operating system commands through the kernel application programming interface at organization-defined information system hardware components. |
CCI Catalog v2022-04-05 | CCI-002631 | narrower | Script Execution Analysis | Script Execution Analysis | The information system issues a warning, audits the command execution, or prevents the execution of the command when organization-defined unauthorized operating system commands are detected. |
CCI Catalog v2022-04-05 | CCI-002661 | narrower | Inbound Traffic Filtering | Inbound Traffic Filtering | The information system monitors inbound communications traffic per organization-defined frequency for unusual or unauthorized activities or conditions. |
CCI Catalog v2022-04-05 | CCI-002662 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system monitors outbound communications traffic per organization-defined frequency for unusual or unauthorized activities or conditions. |
CCI Catalog v2022-04-05 | CCI-002684 | broader | Network Traffic Analysis | Network Traffic Analysis | The information system audits and/or alerts organization-defined personnel when unauthorized network services are detected. |
CCI Catalog v2022-04-05 | CCI-002684 | broader | Platform Monitoring | Platform Monitoring | The information system audits and/or alerts organization-defined personnel when unauthorized network services are detected. |
CCI Catalog v2022-04-05 | CCI-002688 | broader | File Content Rules | File Content Rules | The information system discovers indicators of compromise. |
CCI Catalog v2022-04-05 | CCI-002689 | broader | File Content Rules | File Content Rules | The information system collects indicators of compromise. |
CCI Catalog v2022-04-05 | CCI-002690 | broader | File Content Rules | File Content Rules | The information system distributes indicators of compromise. |
CCI Catalog v2022-04-05 | CCI-002691 | broader | File Content Rules | File Content Rules | The information system uses indicators of compromise. |
CCI Catalog v2022-04-05 | CCI-002710 | broader | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002710 | broader | File Hashing | File Hashing | The information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002710 | broader | Pointer Authentication | Pointer Authentication | The information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002710 | broader | TPM Boot Integrity | TPM Boot Integrity | The information system performs an integrity check of organization-defined software at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002711 | broader | TPM Boot Integrity | TPM Boot Integrity | The information system performs an integrity check of organization-defined firmware at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002712 | broader | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002712 | broader | File Hashing | File Hashing | The information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002712 | broader | Pointer Authentication | Pointer Authentication | The information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002712 | broader | TPM Boot Integrity | TPM Boot Integrity | The information system performs an integrity check of organization-defined information at startup, at organization-defined transitional states or security-relevant events, or on an organization-defined frequency. |
CCI Catalog v2022-04-05 | CCI-002715 | narrower | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered. |
CCI Catalog v2022-04-05 | CCI-002715 | narrower | File Hashing | File Hashing | The information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered. |
CCI Catalog v2022-04-05 | CCI-002715 | narrower | Pointer Authentication | Pointer Authentication | The information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered. |
CCI Catalog v2022-04-05 | CCI-002715 | narrower | TPM Boot Integrity | TPM Boot Integrity | The information system automatically shuts the information system down, restarts the information system, and/or implements organization-defined security safeguards when integrity violations are discovered. |
CCI Catalog v2022-04-05 | CCI-002716 | broader | File Hashing | File Hashing | The information system implements cryptographic mechanisms to detect unauthorized changes to software. |
CCI Catalog v2022-04-05 | CCI-002717 | broader | File Hashing | File Hashing | The information system implements cryptographic mechanisms to detect unauthorized changes to firmware. |
CCI Catalog v2022-04-05 | CCI-002718 | broader | File Hashing | File Hashing | The information system implements cryptographic mechanisms to detect unauthorized changes to information. |
CCI Catalog v2022-04-05 | CCI-002723 | narrower | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system, upon detection of a potential integrity violation, provides the capability to audit the event. |
CCI Catalog v2022-04-05 | CCI-002723 | narrower | File Hashing | File Hashing | The information system, upon detection of a potential integrity violation, provides the capability to audit the event. |
CCI Catalog v2022-04-05 | CCI-002723 | narrower | Pointer Authentication | Pointer Authentication | The information system, upon detection of a potential integrity violation, provides the capability to audit the event. |
CCI Catalog v2022-04-05 | CCI-002723 | narrower | TPM Boot Integrity | TPM Boot Integrity | The information system, upon detection of a potential integrity violation, provides the capability to audit the event. |
CCI Catalog v2022-04-05 | CCI-002724 | narrower | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions. |
CCI Catalog v2022-04-05 | CCI-002724 | narrower | File Hashing | File Hashing | The information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions. |
CCI Catalog v2022-04-05 | CCI-002724 | narrower | Pointer Authentication | Pointer Authentication | The information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions. |
CCI Catalog v2022-04-05 | CCI-002724 | narrower | TPM Boot Integrity | TPM Boot Integrity | The information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions. |
CCI Catalog v2022-04-05 | CCI-002726 | broader | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system verifies the integrity of the boot process of organization-defined devices. |
CCI Catalog v2022-04-05 | CCI-002726 | broader | TPM Boot Integrity | TPM Boot Integrity | The information system verifies the integrity of the boot process of organization-defined devices. |
CCI Catalog v2022-04-05 | CCI-002729 | broader | Driver Load Integrity Checking | Driver Load Integrity Checking | The information system implements organization-defined security safeguards to protect the integrity of boot firmware in organization-defined devices. |
CCI Catalog v2022-04-05 | CCI-002729 | broader | TPM Boot Integrity | TPM Boot Integrity | The information system implements organization-defined security safeguards to protect the integrity of boot firmware in organization-defined devices. |
CCI Catalog v2022-04-05 | CCI-002740 | narrower | Executable Allowlisting | Executable Allowlisting | The information system implements cryptographic mechanisms to authenticate organization-defined software or firmware components prior to installation. |
CCI Catalog v2022-04-05 | CCI-002743 | broader | Sender MTA Reputation Analysis | Sender MTA Reputation Analysis | The information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic. |
CCI Catalog v2022-04-05 | CCI-002743 | broader | Sender Reputation Analysis | Sender Reputation Analysis | The information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic. |
CCI Catalog v2022-04-05 | CCI-002746 | narrower | Database Query String Analysis | Database Query String Analysis | The information system provides a manual override capability for input validation of organization-defined inputs. |
CCI Catalog v2022-04-05 | CCI-002748 | narrower | Database Query String Analysis | Database Query String Analysis | The information system restricts the use of the manual override capability to only organization-defined authorized individuals. |
CCI Catalog v2022-04-05 | CCI-002749 | narrower | Database Query String Analysis | Database Query String Analysis | The information system audits the use of the manual override capability. |
CCI Catalog v2022-04-05 | CCI-002771 | narrower | Outbound Traffic Filtering | Outbound Traffic Filtering | The information system validates information output from organization-defined software programs and/or applications to ensure that the information is consistent with the expected content. |
CCI Catalog v2022-04-05 | CCI-002824 | broader | Dead Code Elimination | Dead Code Elimination | The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution. |
CCI Catalog v2022-04-05 | CCI-002824 | broader | Process Segment Execution Prevention | Process Segment Execution Prevention | The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution. |
CCI Catalog v2022-04-05 | CCI-002824 | broader | Segment Address Offset Randomization | Segment Address Offset Randomization | The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution. |
CCI Catalog v2022-04-05 | CCI-002824 | broader | Stack Frame Canary Validation | Stack Frame Canary Validation | The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution. |
CCI Catalog v2022-04-05 | CCI-002883 | narrower | User Account Permissions | User Account Permissions | The information system restricts the use of maintenance tools to authorized personnel only. |
CCI Catalog v2022-04-05 | CCI-002890 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications. |
CCI Catalog v2022-04-05 | CCI-002891 | narrower | Remote Terminal Session Detection | Remote Terminal Session Detection | The information system implements remote disconnect verification at the termination of nonlocal maintenance and diagnostic sessions. |
CCI Catalog v2022-04-05 | CCI-003123 | narrower | Encrypted Tunnels | Encrypted Tunnels | The information system implements cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications. |