CCI-000830

Defines security violations that, if detected, initiate a configurable capability to automatically disable the system.

Implementation Guidance

Determine if a configurable capability is implemented to automatically disable the system if [IR-04(05)_ODP; security violations that automatically disable a system are defined] are detected.

Validation Procedures

Examine: [SELECT FROM: Incident response policy; procedures addressing incident handling; automated mechanisms supporting incident handling; system design documentation; system configuration settings and associated documentation; system security plan; incident response plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with incident handling responsibilities; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: Incident handling capability for the organization; automated mechanisms supporting and/or implementing automatic disabling of the system].

The controls below (if any) were marked by NIST as being related to CCI-000830.