Navigate

CCI-003679

CCI-003679 Definition

When transferring information between different security domains, prevent the transfer of failed content to the receiving domain.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if when transferring information between different security domains, the transfer of failed content to the receiving domain is prevented.

Validation Procedures

Examine: [SELECT FROM: Information flow enforcement policy; procedures addressing information flow enforcement; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with information flow enforcement responsibilities; system/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement functions].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003679.

Control	Description
AC-4(31)	When transferring information between different security domains, prevent the transfer of failed content to the receiving domain.