CCI-002474

Defines the system components which require the implementation of cryptographic mechanisms to prevent unauthorized disclosure and modification of organization-defined information at rest.

Implementation Guidance

Determine if: - cryptographic mechanisms are implemented to prevent unauthorized disclosure of [SC-28(01)_ODP[01]; information requiring cryptographic protection is defined] at rest on [SC-28(01)_ODP[02]; system components or media requiring cryptographic protection is/are defined]. - cryptographic mechanisms are implemented to prevent unauthorized modification of [SC-28(01)_ODP[01]; information requiring cryptographic protection is defined] at rest on [SC-28(01)_ODP[02]; system components or media requiring cryptographic protection is/are defined].

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing the protection of information at rest; system design documentation; system configuration settings and associated documentation; cryptographic mechanisms and associated configuration documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer]. Test: [SELECT FROM: Cryptographic mechanisms implementing confidentiality and integrity protections for information at rest].

The controls below (if any) were marked by NIST as being related to CCI-002474.