Navigate

CCI-002383

CCI-002383 Definition

Defines the procedures to be employed to prevent unauthorized information transfer via shared resources when system processing explicitly switches between different information classification levels or security categories.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if unauthorized information transfer via shared resources is prevented in accordance with [SC-04(02)_ODP; procedures to prevent unauthorized information transfer via shared resources are defined] when system processing explicitly switches between different information classification levels or security categories.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing information protection in shared system resources; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer]. Test: [SELECT FROM: Mechanisms preventing the unauthorized transfer of information via shared system resources].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002383.

Control	Description
SC-4(2)	Prevent unauthorized information transfer via shared resources in accordance with [procedures to prevent unauthorized information transfer via shared resources are defined;] when system processing explicitly switches between different information classification levels or security categories.