An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
38/172
)
CCIs
Number
Definition
Status
Related
CCI-001111
The information system prevents remote devices that have established a non-remote connection with the system from communicating outside of that communications path with resources in external networks.
Draft
CCI-001112
Route organization-defined internal communications traffic to organization-defined external networks through authenticated proxy servers at managed interfaces.
Draft
SC-7(8)
CCI-001113
Defines the internal communications traffic to be routed to external networks.
Draft
SC-7(8)
CCI-001114
Defines the external networks to which organization-defined internal communications traffic should be routed.
Draft
SC-7(8)
CCI-001115
The information system, at managed interfaces, denies network traffic and audits internal users (or malicious code) posing a threat to external information systems.
Draft
CCI-001116
Prevent the exfiltration of information.
Draft
SC-7(10)
CCI-001117
The information system checks incoming communications to ensure the communications are coming from an authorized source and routed to an authorized destination.
Draft
CCI-001118
The information system implements host-based boundary protection mechanisms for servers, workstations, and mobile devices.
Draft
CCI-001119
Isolate organization-defined information security tools, mechanisms, and support components from other internal system components by implementing physically separate subnetworks with managed interfaces to other components of the system.
Draft
SC-7(13)
CCI-001120
Defines the information security tools, mechanisms, and support components to be isolated.
Draft
SC-7(13)
CCI-001121
Protect against unauthorized physical connections at organization-defined managed interfaces.
Draft
SC-7(14)
CCI-001122
The organization defines the managed interfaces where boundary protections against unauthorized physical connections are to be implemented.
Draft
SC-7(14)
CCI-001123
Route networked, privileged accesses through a dedicated, managed interface for purposes of access control and auditing.
Draft
SC-7(15)
CCI-001124
Prevent discovery of specific system components that represent a managed interface.
Draft
SC-7(16)
CCI-001125
Enforce adherence to protocol formats.
Draft
SC-7(17)
CCI-001126
Prevent systems from entering unsecure states in the event of an operational failure of a boundary protection device.
Draft
SC-7(18)
CCI-001127
The information system protects the integrity of transmitted information.
Draft
CCI-001128
The organization employs cryptographic mechanisms to recognize changes to information during transmission unless otherwise protected by alternative physical measures.
Draft
CCI-001129
The information system maintains the integrity of information during aggregation, packaging, and transformation in preparation for transmission.
Draft
CCI-001130
The information system protects the confidentiality of transmitted information.
Draft
CCI-001131
The organization employs cryptographic mechanisms to prevent unauthorized disclosure of information during transmission unless otherwise protected by alternative physical measures.
Draft
CCI-001132
The information system maintains the confidentiality of information during aggregation, packaging, and transformation in preparation for transmission.
Draft
CCI-001133
Terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.
Draft
SC-10
CCI-001134
Defines the time period of inactivity after which the system terminates a network connection associated with a communications session.
Draft
SC-10
CCI-001135
Provide a physically or logically isolated trusted communication path for communication between the user and the trusted components of the system.
Draft
SC-11
CCI-001136
The organization defines security functions include information system authentication and reauthentication.
Draft
CCI-001137
The organization establishes cryptographic keys for required cryptography employed within the information system.
Draft
CCI-001138
The organization manages cryptographic keys for required cryptography employed within the information system.
Draft
CCI-001139
Maintain availability of information in the event of the loss of cryptographic keys by users.
Draft
SC-12(1)
CCI-001140
The organization produces, controls, and distributes symmetric cryptographic keys using NIST-approved or NSA-approved key management technology and processes.
Draft
Prev
1...
34
35
36
37
38
39
40
41
42
...172
Next