Navigate

CCI-000029

CCI-000029 Definition

Enforce organization-defined limitations on embedding data types within other data types.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if [AC-04(05)_ODP; limitations on embedding data types within other data types are defined] are enforced on embedding data types within other data types.

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing information flow enforcement; system design documentation; system configuration settings and associated documentation; list of limitations to be enforced on embedding data types within other data types; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement policy].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000029.

Control	Description
AC-4(5)	Enforce [limitations on embedding data types within other data types are defined;] on embedding data types within other data types.