System and Communications Protection

Overview:Separate user functionality from information system management functionality. Action Items:3.13.3[a]Determine if: user functionality is identified. 3.13.3[b]Determine if: system management functionality is identified. 3.13.3[c]Determine if:... Read More

Overview:Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems. Action Items:3... Read More

Overview:Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device. Action Items:3.13.12[a]Determine if: collaborative computing devices are identified. 3.13.12[b]Determine... Read More

Overview:Establish and manage cryptographic keys for cryptography employed in the information system; Action Items:3.13.10[a]Determine if: cryptographic keys are established whenever cryptography is employed. 3.13.10[b]Determine if: cryptographic... Read More

Overview:Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. Action Items:3.13.11[a]Determine if: FIPS-validated cryptography is employed to protect the confidentiality of CUI. POTENTIAL ASSESSMENT METHODS AND OBJECTS... Read More

Overview:Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception). Action Items:3.13.6[a]Determine if: network communications traffic is denied by default. 3.13.6[b... Read More

Overview:Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards. Action Items:3.13.8[a]Determine if: cryptographic mechanisms intended to prevent... Read More

Overview:Prevent unauthorized and unintended information transfer via shared system resources. Action Items:3.13.4[a]Determine if: unauthorized and unintended information transfer via shared system resources is prevented. POTENTIAL ASSESSMENT METHODS... Read More

Overview:Control and monitor the use of mobile code. Action Items:3.13.13[a]Determine if: use of mobile code is controlled. 3.13.13[b]Determine if: use of mobile code is monitored. POTENTIAL ASSESSMENT METHODS AND OBJECTS 1Examine: System and... Read More

Overview:Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity. Action Items:3.13.9[a]Determine if: a period of inactivity to terminate network connections associated... Read More