Navigate

CCI-003675

CCI-003675 Definition

When transferring information between different security domains, implement a linear content filter pipeline that is enforced with discretionary and mandatory access controls.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if when transferring information between security domains, a linear content filter pipeline is implemented that is enforced with discretionary and mandatory access controls.

Validation Procedures

Examine: [SELECT FROM: Information flow enforcement policy; procedures addressing information flow enforcement; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with information flow enforcement responsibilities; system/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement functions; mechanisms implementing linear content filters].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003675.

Control	Description
AC-4(28)	When transferring information between different security domains, implement a linear content filter pipeline that is enforced with discretionary and mandatory access controls.