Navigate

CCI-002218

CCI-002218 Definition

Provide access from a single device to computing platforms, applications, or data residing on multiple different security domains, while preventing any information flow between the different security domains.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if access is provided from a single device to computing platforms, applications, or data that reside in multiple different security domains while preventing information flow between the different security domains.

Validation Procedures

Examine: [SELECT FROM: Information flow enforcement policy; procedures addressing information flow enforcement; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with information flow enforcement responsibilities; system/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement functions].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002218.

Control	Description
AC-4(22)	Provide access from a single device to computing platforms, applications, or data residing in multiple different security domains, while preventing information flow between the different security domains.