An error occurred:
Close sidebar
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Open sidebar
Navigate
Top
Search
CCIs (
3551
)
Pages (
7/119
)
CCIs
Number
Definition
Status
Related
CCI-000181
The organization manages information system authenticators by establishing reuse conditions for authenticators.
Draft
IA-5
CCI-000182
The organization manages information system authenticators by changing/refreshing authenticators in accordance with the organization-defined time period by authenticator type.
Draft
IA-5
CCI-000183
The organization manages information system authenticators by protecting authenticator content from unauthorized disclosure.
Draft
IA-5
CCI-000184
The organization manages information system authenticators by requiring individuals to take, and having devices implement, specific security safeguards to protect authenticators.
Draft
IA-5
CCI-000185
The information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information.
Draft
IA-5 (2)
CCI-000186
The information system, for PKI-based authentication, enforces authorized access to the corresponding private key.
Draft
IA-5 (2)
CCI-000187
The information system, for PKI-based authentication, maps the authenticated identity to the account of the individual or group.
Draft
IA-5 (2)
CCI-000188
The organization requires that the registration process to receive an organizational-defined type of authenticator be carried out in person before a designated registration authority with authorization by a designated organizational official (e.g., a supervisor).
Draft
CCI-000189
The organization employs automated tools to determine if authenticators are sufficiently strong to resist attacks intended to discover or otherwise compromise the authenticators.
Draft
CCI-000190
The organization requires vendors/manufacturers of information system components to provide unique authenticators or change default authenticators prior to delivery.
Draft
CCI-000191
The organization enforces password complexity by the number of special characters used.
Deprecated
CCI-000192
The information system enforces password complexity by the minimum number of upper case characters used.
Draft
IA-5 (1)
CCI-000193
The information system enforces password complexity by the minimum number of lower case characters used.
Draft
IA-5 (1)
CCI-000194
The information system enforces password complexity by the minimum number of numeric characters used.
Draft
IA-5 (1)
CCI-000195
The information system, for password-based authentication, when new passwords are created, enforces that at least an organization-defined number of characters are changed.
Draft
IA-5 (1)
CCI-000196
The information system, for password-based authentication, stores only cryptographically-protected passwords.
Draft
IA-5 (1)
CCI-000197
The information system, for password-based authentication, transmits only cryptographically-protected passwords.
Draft
IA-5 (1)
CCI-000198
The information system enforces minimum password lifetime restrictions.
Draft
IA-5 (1)
CCI-000199
The information system enforces maximum password lifetime restrictions.
Draft
IA-5 (1)
CCI-000200
The information system prohibits password reuse for the organization-defined number of generations.
Draft
IA-5 (1)
CCI-000201
The organization protects authenticators commensurate with the security category of the information to which use of the authenticator permits access.
Draft
IA-5 (6)
CCI-000202
The organization ensures unencrypted static authenticators are not embedded in access scripts.
Draft
IA-5 (7)
CCI-000203
The organization ensures unencrypted static authenticators are not stored on function keys.
Draft
IA-5 (7)
CCI-000204
The organization defines the security safeguards required to manage the risk of compromise due to individuals having accounts on multiple information systems.
Draft
IA-5 (8)
CCI-000205
The information system enforces minimum password length.
Draft
IA-5 (1)
CCI-000206
The information system obscures feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Draft
IA-6
CCI-000207
The organization develops and maintains an inventory of its information systems.
Draft
PM-5
CCI-000208
The organization determines normal time-of-day and duration usage for information system accounts.
Draft
CCI-000209
The organization develops the results of information security measures of performance.
Draft
PM-6
CCI-000210
The organization monitors the results of information security measures of performance.
Draft
PM-6
Prev
1...
3
4
5
6
7
8
9
10
11
...119
Next