An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
26/172
)
CCIs
Number
Definition
Status
Related
CCI-000751
The organization determines the organization-defined list of critical information system components that require re-implementation.
Draft
CCI-000752
The organization re-implements organization-defined critical information system components.
Draft
CCI-000753
The organization identifies information system components for which alternative sourcing is not viable.
Draft
CCI-000754
The organization defines measures to be employed to prevent critical security controls for information system components from being compromised.
Draft
CCI-000755
The organization employs organization-defined measures to ensure critical security controls for the information system components are not compromised.
Draft
CCI-000756
The organization develops an identification and authentication policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Draft
IA-1
CCI-000757
Disseminate an organization-level; mission/business process-level; and/or system-level identification and authentication policy to organization-defined personnel.
Draft
IA-1
CCI-000758
Review and update the current identification and authentication policy in accordance with the organization-defined frequency.
Draft
IA-1
CCI-000759
Defines a frequency for reviewing and updating the identification and authentication policy.
Draft
IA-1
CCI-000760
The organization develops procedures to facilitate the implementation of the identification and authentication policy and associated identification and authentication controls.
Draft
IA-1
CCI-000761
The organization disseminates to organization-defined personnel or roles procedures to facilitate the implementation of the identification and authentication policy and associated identification and authentication controls.
Draft
IA-1
CCI-000762
Review and update the current identification and authentication procedures in accordance with the organization-defined frequency.
Draft
IA-1
CCI-000763
Defines a frequency for reviewing and updating the identification and authentication procedures.
Draft
IA-1
CCI-000764
Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.
Draft
IA-2
CCI-000765
Implement multifactor authentication for access to privileged accounts.
Draft
IA-2(1)
CCI-000766
Implement multifactor authentication for access to non-privileged accounts.
Draft
IA-2(2)
CCI-000767
The information system implements multifactor authentication for local access to privileged accounts.
Draft
IA-2(3)
CCI-000768
The information system implements multifactor authentication for local access to non-privileged accounts.
Draft
IA-2(4)
CCI-000769
The organization allows the use of group authenticators only when used in conjunction with an individual/unique authenticator.
Draft
CCI-000770
The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.
Draft
IA-2(5)
CCI-000771
The information system uses multifactor authentication for network access to privileged accounts where one of the factors is provided by a device separate from the information system being accessed.
Draft
CCI-000772
The information system uses multifactor authentication for network access to non-privileged accounts where one of the factors is provided by a device separate from the information system being accessed.
Draft
CCI-000773
The organization defines replay-resistant authentication mechanisms to be used for network access to privileged accounts.
Draft
CCI-000774
The information system uses organization-defined replay-resistant authentication mechanisms for network access to privileged accounts.
Draft
CCI-000775
The organization defines replay-resistant authentication mechanisms to be used for network access to non-privileged accounts.
Draft
CCI-000776
The information system uses organization-defined replay-resistant authentication mechanisms for network access to non-privileged accounts.
Draft
CCI-000777
Defines devices and/or types of devices for which identification and authentication is required before establishing a connection.
Draft
IA-3
CCI-000778
Uniquely identify organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection.
Draft
IA-3
CCI-000779
The information system authenticates devices before establishing remote network connections using bidirectional authentication between devices that is cryptographically based.
Draft
CCI-000780
The information system authenticates devices before establishing wireless network connections using bidirectional authentication between devices that is cryptographically based.
Draft
Prev
1...
22
23
24
25
26
27
28
29
30
...172
Next