Xylok Scanner CCIs

Number	Definition	Status
CCI-004892	Defines the critical system components to implement physically or logically separate subnetworks.	Draft
CCI-004893	Implement organization-defined protection distribution system to prevent unauthorized disclosure of information, and/or detect changes to information during transmission.	Draft
CCI-004894	Defines the protected distribution system for preventing unauthorized disclosure of information, and/or detect changes to information during transmission.	Draft
CCI-004895	Permit users to invoke the trusted communications path for communications between the user and the organization-defined security functions, including at a minimum, authentication and re-authentication.	Draft
CCI-004896	Initiates the trusted communications path for communications between the organization-defined security functions of the system and the user.	Draft
CCI-004897	Defines the security functions to be initiated between the system and the user for trusted communications path for communications.	Draft
CCI-004898	Defines requirements for certificates that are issued for producing, controlling, and distributing asymmetric cryptographic keys.	Draft
CCI-004899	Maintain physical control of cryptographic keys when store information is encrypted by external service providers.	Draft
CCI-004900	Determine the organization-defined cryptographic uses.	Draft
CCI-004901	Associate organization-defined privacy attributes with information exchanged between systems.	Draft
CCI-004902	Associate organization-defined privacy attributes with information exchanged between system components.	Draft
CCI-004903	Defines the privacy attributes to associate with the information being exchanged between systems and between system components.	Draft
CCI-004904	Verify the integrity of transmitted privacy attributes.	Draft
CCI-004905	Implement anti-spoofing mechanisms to prevent adversaries from falsifying the security attributes indicating the successful application of the security process.	Draft
CCI-004906	Implement organization-defined mechanisms or techniques to bind security attributes to transmitted information.	Draft
CCI-004907	Implement organization-defined mechanisms or techniques to bind privacy attributes to transmitted information.	Draft
CCI-004908	Defines the mechanisms or techniques for binding security and privacy attributes to transmitted information.	Draft
CCI-004909	Include only approved trust anchors in trust stores or certificate stores managed by the organization.	Draft
CCI-004910	Provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.	Draft
CCI-004911	Defines the safeguards for providing protected storage for cryptographic keys.	Draft
CCI-004912	Partition privileged functions into separate physical domains.	Draft
CCI-004913	Takes organization-defined actions in response to identified faults, errors, or compromises.	Draft
CCI-004914	Defines actions to take in response to identified faults, errors, or compromises.	Draft
CCI-004915	Synchronize the organization-defined duplicate systems or system components.	Draft
CCI-004916	Defines the duplicate systems or system components to be synchronized.	Draft
CCI-004917	Defines sensors to facilitate an individual's awareness that personally identifiable information is being collected.	Draft
CCI-004918	Defines measures to facility an individual's awareness that personally identifiable information is being collected.	Draft
CCI-004919	Employ organization-defined measures to facilitate an individual's awareness that personally identifiable information is being collected by organization-defined sensors.	Draft
CCI-004920	Defines sensors that are configured to minimize the collection of information about individuals that is not needed.	Draft
CCI-004921	Employ organization-defined sensors that are configured to minimize the collection of information about individuals that is not needed.	Draft