Navigate

CCI-004867

CCI-004867 Definition

Defines the controls by type of denial-of-service event by employing the controls to achieve the denial-of-service objective.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if [SC-05_ODP[03]; controls to achieve the denial-of-service objective by type of denial-of-service event are defined] are employed to achieve the denial-of-service protection objective.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing denial-of-service protection; system design documentation; list of denial-of-service attacks requiring employment of security safeguards to protect against or limit effects of such attacks; list of security safeguards protecting against or limiting the effects of denial-of-service attacks; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; organizational personnel with incident response responsibilities; system developer]. Test: [SELECT FROM: Mechanisms protecting against or limiting the effects of denial-of-service attacks].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-004867.

Control	Description
SC-5	a: [one of "protect against"/"limit"] the effects of the following types of denial-of-service events: [types of denial-of-service events to be protected against or limited are defined;] ; and b: Employ the following controls to achieve the denial-of-service objective: [controls to achieve the denial-of-service objective by type of denial-of-service event are defined;].