CCI-001195
CCI-001195 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed designs the information system to include decoy components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the network topology diagrams, architecture documentation, or any other documentation identifying decoy components to be attacked to ensure the organization being inspected/assessed includes components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.
DISA Compelling Evidence
1) Current site's network topology diagrams, architecture documentation (signed and dated), or any other relative documentation (signed and dated). 2) Verify that the site implements and identify decoy components in the network which are specifically designed to be the target of malicious attacks. 3) Verify that these components implemented for the purpose of detecting, deflecting, and analyzing malicious attacks.