CCI-001195

The information system includes components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.

Implementation Guidance

The organization being inspected/assessed designs the information system to include decoy components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the network topology diagrams, architecture documentation, or any other documentation identifying decoy components to be attacked to ensure the organization being inspected/assessed includes components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.

DISA Compelling Evidence

1) Current site's network topology diagrams, architecture documentation (signed and dated), or any other relative documentation (signed and dated). 2) Verify that the site implements and identify decoy components in the network which are specifically designed to be the target of malicious attacks. 3) Verify that these components implemented for the purpose of detecting, deflecting, and analyzing malicious attacks.

The controls below (if any) were marked by NIST as being related to CCI-001195.