CCI-002501

Reduce the maximum bandwidth for identified covert storage and/or timing channels to organization-defined values.

Implementation Guidance

Determine if the maximum bandwidth for identified covert [SC-31(02)_ODP[01]; one or more of the following PARAMETER VALUES is/are selected: {storage; timing}] channels is reduced to [SC-31(02)_ODP[02]; values for the maximum bandwidth for identified covert channels are defined].

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing covert channel analysis; acquisition contracts for systems or services; acquisition documentation; system design documentation; system configuration settings and associated documentation; covert channel analysis documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; organizational personnel with covert channel analysis responsibilities; system developers/integrators]. Test: [SELECT FROM: Organizational process for conducting covert channel analysis; mechanisms supporting and/or implementing covert channel analysis; mechanisms supporting and/or implementing the capability to reduce the bandwidth of covert channels].

The controls below (if any) were marked by NIST as being related to CCI-002501.