An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: pp-server-fixes-6359-660a
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: pp-server-fixes-6359-660a
Open sidebar
Navigate
Top
Search
CCIs (
3551
)
Pages (
13/119
)
CCIs
Number
Definition
Status
Related
CCI-000363
The organization defines security configuration checklists to be used to establish and document configuration settings for the information system technology products employed.
Draft
CM-6
CCI-000364
The organization establishes configuration settings for information technology products employed within the information system using organization-defined security configuration checklists.
Draft
CM-6
CCI-000365
The organization documents configuration settings for information technology products employed within the information system using organization-defined security configuration checklists that reflect the most restrictive mode consistent with operational requirements.
Draft
CM-6
CCI-000366
The organization implements the security configuration settings.
Draft
CM-6
CCI-000367
The organization identifies any deviations from the established configuration settings for organization-defined information system components based on organization-defined operational requirements.
Draft
CM-6
CCI-000368
The organization documents any deviations from the established configuration settings for organization-defined information system components based on organization-defined operational requirements.
Draft
CM-6
CCI-000369
The organization approves any deviations from the established configuration settings for organization-defined information system components based on organization-defined operational requirements.
Draft
CM-6
CCI-000370
The organization employs automated mechanisms to centrally manage configuration settings for organization-defined information system components.
Draft
CM-6 (1)
CCI-000371
The organization employs automated mechanisms to centrally apply configuration settings for organization-defined information system components.
Draft
CM-6 (1)
CCI-000372
The organization employs automated mechanisms to centrally verify configuration settings for organization-defined information system components.
Draft
CM-6 (1)
CCI-000373
The organization defines configuration settings for which unauthorized changes are responded to by automated mechanisms.
Draft
CCI-000374
The organization employs automated mechanisms to respond to unauthorized changes to organization-defined configuration settings.
Draft
CCI-000375
The organization incorporates detection of unauthorized, security-relevant configuration changes into the organizations incident response capability.
Draft
CCI-000376
The organization ensures unauthorized, security-relevant configuration changes detected are monitored.
Draft
CCI-000377
The organization ensures unauthorized, security-relevant configuration changes detected are corrected.
Draft
CCI-000378
The organization ensures unauthorized, security-relevant configuration changes detected are available for historical purposes.
Draft
CCI-000379
The information system (including modifications to the baseline configuration) demonstrates conformance to security configuration guidance (i.e., security checklists) prior to being introduced into a production environment.
Draft
CCI-000380
The organization defines prohibited or restricted functions, ports, protocols, and/or services for the information system.
Draft
CM-7
CCI-000381
The organization configures the information system to provide only essential capabilities.
Draft
CM-7
CCI-000382
The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.
Draft
CM-7
CCI-000383
The organization defines the frequency of information system reviews to identify and eliminate unnecessary functions, ports, protocols and/or services.
Draft
CCI-000384
The organization reviews the information system per organization-defined frequency to identify unnecessary and nonsecure functions, ports, protocols, and services.
Draft
CM-7 (1)
CCI-000385
The organization reviews the information system per organization-defined frequency to eliminate unnecessary functions, ports, protocols, and/or services.
Draft
CCI-000386
The organization employs automated mechanisms to prevent program execution on the information system in accordance with the organization-defined specifications.
Draft
CCI-000387
The organization defines registration requirements for functions, ports, protocols, and services.
Draft
CM-7 (3)
CCI-000388
The organization ensures compliance with organization-defined registration requirements for functions, ports, protocols, and services.
Draft
CM-7 (3)
CCI-000389
The organization develops an inventory of information system components that accurately reflects the current information system.
Draft
CM-8
CCI-000390
The organization documents an inventory of information system components that accurately reflects the current information system.
Draft
CM-8
CCI-000391
The organization maintains an inventory of information system components that accurately reflects the current information system.
Draft
CCI-000392
The organization develops an inventory of information system components that includes all components within the authorization boundary of the information system.
Draft
CM-8
Prev
1...
9
10
11
12
13
14
15
16
17
...119
Next