Navigate

CCI-002498

CCI-002498 Definition

Perform a covert channel analysis to identify those aspects of communications within the system that are potential avenues for covert storage and/or timing channels.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed performs a covert channel analysis to identify those aspects of communications within the information system that are potential avenues for covert storage and/or timing channels. The organization must maintain an audit trail of analyses.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the results of the analysis to ensure the organization being inspected/assessed performs a covert channel analysis to identify those aspects of communications within the information system that are potential avenues for covert storage and/or timing channels.

Compelling Evidence

1.) Most current results of covert channel analysis.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002498.

Control	Description
SC-31	The organization: a: Performs a covert channel analysis to identify those aspects of communications within the information system that are potential avenues for covert [one or more of "storage"/"timing"] channels; and b: Estimates the maximum bandwidth of those channels.