An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
13/172
)
CCIs
Number
Definition
Status
Related
CCI-000361
The organization reviews information system developer/integrator privileges per organization-defined frequency.
Draft
CCI-000362
The organization reevaluates information system developer/integrator privileges per organization-defined frequency.
Draft
CCI-000363
The organization defines security configuration checklists to be used to establish and document configuration settings for the information system technology products employed.
Draft
CM-6
CCI-000364
The organization establishes configuration settings for information technology products employed within the information system using organization-defined security configuration checklists.
Draft
CM-6
CCI-000365
The organization documents configuration settings for information technology products employed within the information system using organization-defined security configuration checklists that reflect the most restrictive mode consistent with operational requirements.
Draft
CM-6
CCI-000366
Implement the security configuration settings.
Draft
CM-6
CCI-000367
Identify any deviations from the established configuration settings for organization-defined system components based on organization-defined operational requirements.
Draft
CM-6
CCI-000368
Document any deviations from the established configuration settings for organization-defined system components based on organization-defined operational requirements.
Draft
CM-6
CCI-000369
Approve any deviations from the established configuration settings for organization-defined system components based on organization-defined operational requirements.
Draft
CM-6
CCI-000370
Manage configuration settings for organization-defined system components using organization-defined automated mechanisms.
Draft
CM-6(1)
CCI-000371
Apply configuration settings for organization-defined system components using organization-defined automated mechanisms.
Draft
CM-6(1)
CCI-000372
Verify configuration settings for organization-defined system components using organization-defined automated mechanisms.
Draft
CM-6(1)
CCI-000373
The organization defines configuration settings for which unauthorized changes are responded to by automated mechanisms.
Draft
CCI-000374
The organization employs automated mechanisms to respond to unauthorized changes to organization-defined configuration settings.
Draft
CCI-000375
The organization incorporates detection of unauthorized, security-relevant configuration changes into the organizations incident response capability.
Draft
CCI-000376
The organization ensures unauthorized, security-relevant configuration changes detected are monitored.
Draft
CCI-000377
The organization ensures unauthorized, security-relevant configuration changes detected are corrected.
Draft
CCI-000378
The organization ensures unauthorized, security-relevant configuration changes detected are available for historical purposes.
Draft
CCI-000379
The information system (including modifications to the baseline configuration) demonstrates conformance to security configuration guidance (i.e., security checklists) prior to being introduced into a production environment.
Draft
CCI-000380
Defines prohibited or restricted functions, system ports, protocols, software and/or services for the system.
Draft
CM-7
CCI-000381
Configure the system to provide only organization-defined mission essential capabilities.
Draft
CM-7
CCI-000382
Configure the system to prohibit or restrict the use of organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services.
Draft
CM-7
CCI-000383
The organization defines the frequency of information system reviews to identify and eliminate unnecessary functions, ports, protocols and/or services.
Draft
CCI-000384
Review the system per organization-defined frequency to identify unnecessary and nonsecure functions, ports, protocols, software, and services.
Draft
CM-7(1)
CCI-000385
The organization reviews the information system per organization-defined frequency to eliminate unnecessary functions, ports, protocols, and/or services.
Draft
CCI-000386
The organization employs automated mechanisms to prevent program execution on the information system in accordance with the organization-defined specifications.
Draft
CCI-000387
Defines registration requirements for functions, ports, protocols, and services.
Draft
CM-7(3)
CCI-000388
Ensure compliance with organization-defined registration requirements for functions, ports, protocols, and services.
Draft
CM-7(3)
CCI-000389
The organization develops an inventory of information system components that accurately reflects the current information system.
Draft
CM-8
CCI-000390
The organization documents an inventory of information system components that accurately reflects the current information system.
Draft
CM-8
Prev
1...
9
10
11
12
13
14
15
16
17
...172
Next