CCI-002494
CCI-002494 Definition
Employ realistic, but misleading, information in organization-defined system components about its security state or posture.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed employs realistic, but misleading, information in information system components defined in SC-30 (4), CCI 2493 with regard to its security state or posture.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines any applicable evidence of methods to employ misinformation to ensure the organization being inspected/assessed employs realistic, but misleading, information in information system components defined in SC-30 (4), CCI 2493 with regard to its security state or posture.
Compelling Evidence
1.) Signed and dated System Security Plan (SSP) (reference "security techniques and processes" section).