Navigate

CCI-001093

CCI-001093 Definition

Defines the types of denial-of-service events for protecting against or limiting the effects of the denial-of-service events.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if the effects of [SC-05_ODP[01]; types of denial-of-service events to be protected against or limited are defined] are [SC-05_ODP[02]; one of the following PARAMETER VALUES is selected: {protect against; limit}].

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing denial-of-service protection; system design documentation; list of denial-of-service attacks requiring employment of security safeguards to protect against or limit effects of such attacks; list of security safeguards protecting against or limiting the effects of denial-of-service attacks; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; organizational personnel with incident response responsibilities; system developer]. Test: [SELECT FROM: Mechanisms protecting against or limiting the effects of denial-of-service attacks].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001093.

Control	Description
SC-5	a: [one of "protect against"/"limit"] the effects of the following types of denial-of-service events: [types of denial-of-service events to be protected against or limited are defined;] ; and b: Employ the following controls to achieve the denial-of-service objective: [controls to achieve the denial-of-service objective by type of denial-of-service event are defined;].