An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
40/172
)
CCIs
Number
Definition
Status
Related
CCI-001171
Defines software applications in which automatic mobile code execution is to be prohibited.
Draft
SC-18(4)
CCI-001172
Defines actions to be enforced before executing mobile code.
Draft
SC-18(4)
CCI-001173
The organization establishes usage restrictions for Voice over Internet Protocol (VoIP) technologies based on the potential to cause damage to the information system if used maliciously.
Draft
SC-19
CCI-001174
The organization establishes implementation guidance for Voice over Internet Protocol (VoIP) technologies based on the potential to cause damage to the information system if used maliciously.
Draft
SC-19
CCI-001175
The organization authorizes the use of VoIP within the information system.
Draft
SC-19
CCI-001176
The organization monitors the use of VoIP within the information system.
Draft
SC-19
CCI-001177
The organization controls the use of VoIP within the information system.
Draft
SC-19
CCI-001178
Provide additional data origin authentication artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.
Draft
SC-20
CCI-001179
Provides the means to indicate the security status of child zones, when operating as part of a distributed, hierarchical namespace.
Draft
SC-20
CCI-001180
The information system performs data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources when requested by client systems.
Draft
CCI-001181
The information system performs data origin authentication and data integrity verification on all resolution responses received whether or not local client systems explicitly request this service.
Draft
CCI-001182
Ensure the systems that collectively provide name/address resolution service for an organization are fault-tolerant.
Draft
SC-22
CCI-001183
Ensure the systems that collectively provide name/address resolution service for an organization implement internal/external role separation.
Draft
SC-22
CCI-001184
Protect the authenticity of communications sessions.
Draft
SC-23
CCI-001185
Invalidate session identifiers upon user logout or other session termination.
Draft
SC-23(1)
CCI-001186
The information system provides a readily observable logout capability whenever authentication is used to gain access to web pages.
Draft
CCI-001187
The information system generates a unique session identifier for each session.
Draft
CCI-001188
Generate a unique session identifier for each session with organization-defined randomness requirements.
Draft
SC-23(3)
CCI-001189
Defines randomness requirements for generating unique session identifiers.
Draft
SC-23(3)
CCI-001190
Fail to an organization-defined known-system state for the list of organization-defined types of system failures on organization-defined system components on the indicated components while preserving organization-defined system state information in failure.
Draft
SC-24
CCI-001191
Defines the known system state the system should fail to in the event of an organization-defined system failure.
Draft
SC-24
CCI-001192
Defines types of system failures for which should fail to an organization-defined known system state.
Draft
SC-24
CCI-001193
Defines system state information that should be preserved in the event of a system failure.
Draft
SC-24
CCI-001194
Employ minimal functionality and information storage on organization-defined information system components.
Draft
SC-25
CCI-001195
Include components within organizational systems specifically designed to be the target of malicious attacks for detecting, deflecting, and analyzing such attacks.
Draft
SC-26
CCI-001196
Include system components that proactively seek to identify network-based malicious code or malicious websites.
Draft
SC-35
CCI-001197
Include within organizational systems organization-defined platform-independent applications.
Draft
SC-27
CCI-001198
Defines applications that are platform independent.
Draft
SC-27
CCI-001199
Protects the confidentiality and/or integrity of organization-defined information at rest.
Draft
SC-28
CCI-001200
The organization employs cryptographic mechanisms to prevent unauthorized disclosure of information at rest unless otherwise protected by alternative physical measures.
Draft
Prev
1...
36
37
38
39
40
41
42
43
44
...172
Next