CCI-001661

Defines the security functions, to at a minimum, include system authentication and re-authentication, for permitting users to invoke the trusted communications path.

Implementation Guidance

Determine if users are permitted to invoke the trusted communication path for communications between the user and the [SC-11_ODP[02]; security functions of the system are defined] of the system, including authentication and re-authentication, at a minimum.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing trusted communication paths; security plan; system design documentation; system configuration settings and associated documentation; assessment results from independent, testing organizations; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer]. Test: [SELECT FROM: Mechanisms supporting and/or implementing trusted communication paths].

The controls below (if any) were marked by NIST as being related to CCI-001661.