Navigate

CCI-002485

CCI-002485 Definition

The organization employs organization-defined concealment and misdirection techniques for organization-defined information systems at organization-defined time periods to confuse and mislead adversaries.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed designs the information system to employ concealment and misdirection techniques defined in SC-30, CCI 2482 for information systems defined in SC-30, 2483 at time periods defined in SC-30, CCI 2484 to confuse and mislead adversaries.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines network topology diagrams, architecture documentation, or any other documentation identifying concealment and misdirection techniques to ensure the organization being inspected/assessed employs concealment and misdirection techniques defined in SC-30, CCI 2482 for information systems defined in SC-30, 2483 at time periods defined in SC-30, CCI 2484 to confuse and mislead adversaries.

DISA Compelling Evidence

1) Current site's network topology diagrams, architecture documentation (signed and dated), or any other relative documentation. 2) Verify that the documentation describes concealment and misdirection techniques defined in SC-30, CCI 2482 for information systems defined in SC-30, 2483 at time periods defined in SC-30, CCI 2484.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002485.

Control	Description
SC-30	The organization employs [Assignment: organization-defined concealment and misdirection techniques] for [Assignment: organization-defined information systems] at [Assignment: organization-defined time periods] to confuse and mislead adversaries.