Navigate

CCI-002193

CCI-002193 Definition

Defines procedures or methods to be employed to prevent encrypted information from bypassing flow control mechanisms, such as decrypting the information, blocking the flow of the encrypted information, and/or terminating communications sessions attempting to pass encrypted information.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed selects or defines, and documents the mechanism to prevent encrypted information from bypassing content-checking mechanisms, such as decrypting the information, blocking the flow of the encrypted information, and/or terminating communications sessions attempting to pass encrypted information. Alternatively, the organization may define their own procedure or method. DoD has determined the procedures or methods are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented mechanism to ensure the organization being inspected/assessed selects or defines the mechanism to prevent encrypted information from bypassing content-checking mechanisms. DoD has determined the procedures or methods are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated documentation that defines the procedures or methods used to prevent encrypted information from bypassing content-checking mechanisms.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002193.

Control	Description
AC-4(4)	The information system prevents encrypted information from bypassing content-checking mechanisms by [one or more of "decrypting the information"/"blocking the flow of the encrypted information"/"terminating communications sessions attempting to pass encrypted information"/" {{ insert: param, ac-4.4_prm_2 }} "].