Navigate

CCI-002494

CCI-002494 Definition

The organization employs realistic, but misleading, information in organization-defined information system components with regard to its security state or posture.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed employs realistic, but misleading, information in information system components defined in SC-30 (4), CCI 2493 with regard to its security state or posture.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines any applicable evidence of methods to employ misinformation to ensure the organization being inspected/assessed employs realistic, but misleading, information in information system components defined in SC-30 (4), CCI 2493 with regard to its security state or posture.

Compelling Evidence

1.) Signed and dated System Security Plan (SSP) (reference "security techniques and processes" section).

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002494.

Control	Description
SC-30 (4)	The organization employs realistic, but misleading information in [Assignment: organization-defined information system components] with regard to its security state or posture.