CCI-002346
CCI-002346 Definition
| Status | |
| Type | CheckType.technical |
Master Assessment Datasheet
Implementation Guidance
Determine if [AC-23_ODP[01]; data mining prevention and detection techniques are defined] are employed for [AC-23_ODP[02]; data storage objects to be protected against unauthorized data mining are defined] to detect and protect against unauthorized data mining.
Validation Procedures
Examine: [SELECT FROM: Access control policy; procedures for preventing and detecting data mining; policies and procedures addressing authorized data mining techniques; procedures addressing protection of data storage objects against data mining; system design documentation; system configuration settings and associated documentation; system audit logs; system audit records; procedures addressing differential privacy techniques; notifications of atypical database queries or accesses; documentation or reports of insider threat program; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with responsibilities for implementing data mining detection and prevention techniques for data storage objects; legal counsel; organizational personnel with information security and privacy responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing data mining prevention and detection].