The organization: a. Develops, documents, and disseminates to {{ insert: param, sc-1_prm_1 }}: 1. A system and communications protection policy that addresses purpose, scope, roles, responsib...

The information system separates user functionality (including user interface services) from information system management functionality.

The information system prevents the presentation of information system management-related functionality at an interface for non-privileged users.

The information system isolates security functions from nonsecurity functions.

The information system utilizes underlying hardware separation mechanisms to implement security function isolation.

The information system isolates security functions enforcing access and information flow control from nonsecurity functions and from other security functions.

The organization minimizes the number of nonsecurity functions included within the isolation boundary containing security functions.

The organization implements security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.

The organization implements security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correc...

The information system prevents unauthorized and unintended information transfer via shared system resources.

The information system prevents unauthorized information transfer via shared resources in accordance with {{ insert: param, sc-4.2_prm_1 }} when system processing explicitly switches between differ...

The information system protects against or limits the effects of the following types of denial of service attacks: {{ insert: param, sc-5_prm_1 }} by employing {{ insert: param, sc-5_prm_2 }}.

The information system restricts the ability of individuals to launch {{ insert: param, sc-5.1_prm_1 }} against other information systems.

The information system manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding denial of service attacks.

The organization: (a) Employs {{ insert: param, sc-5.3_prm_1 }} to detect indicators of denial of service attacks against the information system; and (b) Monitors {{ insert: param, sc-5.3_prm_2...

The information system protects the availability of resources by allocating {{ insert: param, sc-6_prm_1 }} by {{ insert: param, sc-6_prm_2 }}.

The information system: a. Monitors and controls communications at the external boundary of the system and at key internal boundaries within the system; b. Implements subnetworks for publicly a...

The organization limits the number of external network connections to the information system.

The organization: (a) Implements a managed interface for each external telecommunication service; (b) Establishes a traffic flow policy for each managed interface; (c) Protects the confidenti...

The information system at managed interfaces denies network communications traffic by default and allows network communications traffic by exception (i.e., deny all, permit by exception).

The information system, in conjunction with a remote device, prevents the device from simultaneously establishing non-remote connections with the system and communicating via some other connection ...

The information system routes {{ insert: param, sc-7.8_prm_1 }} to {{ insert: param, sc-7.8_prm_2 }} through authenticated proxy servers at managed interfaces.

The information system: (a) Detects and denies outgoing communications traffic posing a threat to external information systems; and (b) Audits the identity of internal users associated with den...

The organization prevents the unauthorized exfiltration of information across managed interfaces.

The information system only allows incoming communications from {{ insert: param, sc-7.11_prm_1 }} to be routed to {{ insert: param, sc-7.11_prm_2 }}.

The organization implements {{ insert: param, sc-7.12_prm_1 }} at {{ insert: param, sc-7.12_prm_2 }}.

The organization isolates {{ insert: param, sc-7.13_prm_1 }} from other internal information system components by implementing physically separate subnetworks with managed interfaces to other compo...

The organization protects against unauthorized physical connections at {{ insert: param, sc-7.14_prm_1 }}.

The information system routes all networked, privileged accesses through a dedicated, managed interface for purposes of access control and auditing.

The information system prevents discovery of specific system components composing a managed interface.

The information system enforces adherence to protocol formats.

The information system fails securely in the event of an operational failure of a boundary protection device.

The information system blocks both inbound and outbound communications traffic between {{ insert: param, sc-7.19_prm_1 }} that are independently configured by end users and external service providers.

The information system provides the capability to dynamically isolate/segregate {{ insert: param, sc-7.20_prm_1 }} from other components of the system.

The organization employs boundary protection mechanisms to separate {{ insert: param, sc-7.21_prm_1 }} supporting {{ insert: param, sc-7.21_prm_2 }}.

The information system implements separate network addresses (i.e., different subnets) to connect to systems in different security domains.

The information system disables feedback to senders on protocol format validation failure.

The information system protects the {{ insert: param, sc-8_prm_1 }} of transmitted information.

The information system implements cryptographic mechanisms to {{ insert: param, sc-8.1_prm_1 }} during transmission unless otherwise protected by {{ insert: param, sc-8.1_prm_2 }}.

The information system maintains the {{ insert: param, sc-8.2_prm_1 }} of information during preparation for transmission and during reception.

The information system implements cryptographic mechanisms to protect message externals unless otherwise protected by {{ insert: param, sc-8.3_prm_1 }}.

The information system implements cryptographic mechanisms to conceal or randomize communication patterns unless otherwise protected by {{ insert: param, sc-8.4_prm_1 }}.

The information system terminates the network connection associated with a communications session at the end of the session or after {{ insert: param, sc-10_prm_1 }} of inactivity.

The information system establishes a trusted communications path between the user and the following security functions of the system: {{ insert: param, sc-11_prm_1 }}.

The information system provides a trusted communications path that is logically isolated and distinguishable from other paths.

The organization establishes and manages cryptographic keys for required cryptography employed within the information system in accordance with {{ insert: param, sc-12_prm_1 }}.

The organization maintains availability of information in the event of the loss of cryptographic keys by users.

The organization produces, controls, and distributes symmetric cryptographic keys using {{ insert: param, sc-12.2_prm_1 }} key management technology and processes.

The organization produces, controls, and distributes asymmetric cryptographic keys using {{ insert: param, sc-12.3_prm_1 }}.

The information system implements {{ insert: param, sc-13_prm_1 }} in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

The information system: a. Prohibits remote activation of collaborative computing devices with the following exceptions: {{ insert: param, sc-15_prm_1 }}; and b. Provides an explicit indication...

The information system provides physical disconnect of collaborative computing devices in a manner that supports ease of use.

The organization disables or removes collaborative computing devices from {{ insert: param, sc-15.3_prm_1 }} in {{ insert: param, sc-15.3_prm_2 }}.

The information system provides an explicit indication of current participants in {{ insert: param, sc-15.4_prm_1 }}.

The information system associates {{ insert: param, sc-16_prm_1 }} with information exchanged between information systems and between system components.

The information system validates the integrity of transmitted security attributes.

The organization issues public key certificates under an {{ insert: param, sc-17_prm_1 }} or obtains public key certificates from an approved service provider.

The organization: a. Defines acceptable and unacceptable mobile code and mobile code technologies; b. Establishes usage restrictions and implementation guidance for acceptable mobile code and m...

The information system identifies {{ insert: param, sc-18.1_prm_1 }} and takes {{ insert: param, sc-18.1_prm_2 }}.

The organization ensures that the acquisition, development, and use of mobile code to be deployed in the information system meets {{ insert: param, sc-18.2_prm_1 }}.

The information system prevents the download and execution of {{ insert: param, sc-18.3_prm_1 }}.

The information system prevents the automatic execution of mobile code in {{ insert: param, sc-18.4_prm_1 }} and enforces {{ insert: param, sc-18.4_prm_2 }} prior to executing the code.

The organization allows execution of permitted mobile code only in confined virtual machine environments.

The organization: a. Establishes usage restrictions and implementation guidance for Voice over Internet Protocol (VoIP) technologies based on the potential to cause damage to the information syst...

The information system: a. Provides additional data origin authentication and integrity verification artifacts along with the authoritative name resolution data the system returns in response to ...

The information system provides data origin and integrity protection artifacts for internal name/address resolution queries.

The information system requests and performs data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources.

The information systems that collectively provide name/address resolution service for an organization are fault-tolerant and implement internal/external role separation.

The information system protects the authenticity of communications sessions.

The information system invalidates session identifiers upon user logout or other session termination.

The information system generates a unique session identifier for each session with {{ insert: param, sc-23.3_prm_1 }} and recognizes only session identifiers that are system-generated.

The information system only allows the use of {{ insert: param, sc-23.5_prm_1 }} for verification of the establishment of protected sessions.

The information system fails to a {{ insert: param, sc-24_prm_1 }} for {{ insert: param, sc-24_prm_2 }} preserving {{ insert: param, sc-24_prm_3 }} in failure.

The organization employs {{ insert: param, sc-25_prm_1 }} with minimal functionality and information storage.

The information system includes components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.

The information system includes: {{ insert: param, sc-27_prm_1 }}.

The information system protects the {{ insert: param, sc-28_prm_1 }} of {{ insert: param, sc-28_prm_2 }}.

The information system implements cryptographic mechanisms to prevent unauthorized disclosure and modification of {{ insert: param, sc-28.1_prm_1 }} on {{ insert: param, sc-28.1_prm_2 }}.

The organization removes from online storage and stores off-line in a secure location {{ insert: param, sc-28.2_prm_1 }}.

The organization employs a diverse set of information technologies for {{ insert: param, sc-29_prm_1 }} in the implementation of the information system.

The organization employs virtualization techniques to support the deployment of a diversity of operating systems and applications that are changed {{ insert: param, sc-29.1_prm_1 }}.

The organization employs {{ insert: param, sc-30_prm_1 }} for {{ insert: param, sc-30_prm_2 }} at {{ insert: param, sc-30_prm_3 }} to confuse and mislead adversaries.

The organization employs {{ insert: param, sc-30.2_prm_1 }} to introduce randomness into organizational operations and assets.

The organization changes the location of {{ insert: param, sc-30.3_prm_1 }} {{ insert: param, sc-30.3_prm_2 }}].

The organization employs realistic, but misleading information in {{ insert: param, sc-30.4_prm_1 }} with regard to its security state or posture.

The organization employs {{ insert: param, sc-30.5_prm_1 }} to hide or conceal {{ insert: param, sc-30.5_prm_2 }}.

The organization: a. Performs a covert channel analysis to identify those aspects of communications within the information system that are potential avenues for covert {{ insert: param, sc-31_prm...

The organization tests a subset of the identified covert channels to determine which channels are exploitable.

The organization reduces the maximum bandwidth for identified covert {{ insert: param, sc-31.2_prm_1 }} channels to {{ insert: param, sc-31.2_prm_2 }}.

The organization measures the bandwidth of {{ insert: param, sc-31.3_prm_1 }} in the operational environment of the information system.

The organization partitions the information system into {{ insert: param, sc-32_prm_1 }} residing in separate physical domains or environments based on {{ insert: param, sc-32_prm_2 }}.

The information system at {{ insert: param, sc-34_prm_1 }}: a. Loads and executes the operating environment from hardware-enforced, read-only media; and b. Loads and executes {{ insert: param, ...

The organization employs {{ insert: param, sc-34.1_prm_1 }} with no writeable storage that is persistent across component restart or power on/off.

The organization protects the integrity of information prior to storage on read-only media and controls the media after such information has been recorded onto the media.

The organization: (a) Employs hardware-based, write-protect for {{ insert: param, sc-34.3_prm_1 }}; and (b) Implements specific procedures for {{ insert: param, sc-34.3_prm_2 }} to manually dis...

The information system includes components that proactively seek to identify malicious websites and/or web-based malicious code.

The organization distributes {{ insert: param, sc-36_prm_1 }} across multiple physical locations.

The organization employs polling techniques to identify potential faults, errors, or compromises to {{ insert: param, sc-36.1_prm_1 }}.

The organization employs {{ insert: param, sc-37_prm_1 }} for the physical delivery or electronic transmission of {{ insert: param, sc-37_prm_2 }} to {{ insert: param, sc-37_prm_3 }}.

The organization employs {{ insert: param, sc-37.1_prm_1 }} to ensure that only {{ insert: param, sc-37.1_prm_2 }} receive the {{ insert: param, sc-37.1_prm_3 }}.

The organization employs {{ insert: param, sc-38_prm_1 }} to protect key organizational information throughout the system development life cycle.

The information system maintains a separate execution domain for each executing process.

The information system implements underlying hardware separation mechanisms to facilitate process separation.

The information system maintains a separate execution domain for each thread in {{ insert: param, sc-39.2_prm_1 }}.

The information system protects external and internal {{ insert: param, sc-40_prm_1 }} from {{ insert: param, sc-40_prm_2 }}.

The information system implements cryptographic mechanisms that achieve {{ insert: param, sc-40.1_prm_1 }} against the effects of intentional electromagnetic interference.

The information system implements cryptographic mechanisms to reduce the detection potential of wireless links to {{ insert: param, sc-40.2_prm_1 }}.

The information system implements cryptographic mechanisms to identify and reject wireless transmissions that are deliberate attempts to achieve imitative or manipulative communications deception b...

The information system implements cryptographic mechanisms to prevent the identification of {{ insert: param, sc-40.4_prm_1 }} by using the transmitter signal parameters.

The organization physically disables or removes {{ insert: param, sc-41_prm_1 }} on {{ insert: param, sc-41_prm_2 }}.

The information system: a. Prohibits the remote activation of environmental sensing capabilities with the following exceptions: {{ insert: param, sc-42_prm_1 }}; and b. Provides an explicit ind...

The organization ensures that the information system is configured so that data or information collected by the {{ insert: param, sc-42.1_prm_1 }} is only reported to authorized individuals or roles.

The organization employs the following measures: {{ insert: param, sc-42.2_prm_1 }}, so that data or information collected by {{ insert: param, sc-42.2_prm_2 }} is only used for authorized purposes.

The organization prohibits the use of devices possessing {{ insert: param, sc-42.3_prm_1 }} in {{ insert: param, sc-42.3_prm_2 }}.

The organization: a. Establishes usage restrictions and implementation guidance for {{ insert: param, sc-43_prm_1 }} based on the potential to cause damage to the information system if used malic...

The organization employs a detonation chamber capability within {{ insert: param, sc-44_prm_1 }}.