Navigate

CCI-002472

CCI-002472 Definition

Defines the information at rest that is to be protected.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if the [SC-28_ODP[01]; one or more of the following PARAMETER VALUES is/are selected: {confidentiality; integrity}] of [SC-28_ODP[02]; information at rest requiring protection is defined] is/are protected.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing the protection of information at rest; system design documentation; system configuration settings and associated documentation; cryptographic mechanisms and associated configuration documentation; list of information at rest requiring confidentiality and integrity protections; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer]. Test: [SELECT FROM: Mechanisms supporting and/or implementing confidentiality and integrity protections for information at rest].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002472.

Control	Description
SC-28	Protect the [one or more of "confidentiality"/"integrity"] of the following information at rest: [information at rest requiring protection is defined;].