An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
41/172
)
CCIs
Number
Definition
Status
Related
CCI-001201
Employ a diverse set of information technologies for organization-defined system components in the implementation of the system.
Draft
SC-29
CCI-001202
The organization employs virtualization techniques to present information system components as other types of components, or components with differing configurations.
Draft
CCI-001203
Employ virtualization techniques to support the deployment of a diversity of operating systems that are changed on an organization-defined frequency.
Draft
SC-29(1)
CCI-001204
Defines the frequency of changes to operating systems and applications to support a diversity of deployments.
Draft
SC-29(1)
CCI-001205
The organization employs randomness in the implementation of the virtualization techniques.
Draft
CCI-001206
The organization requires that information system developers/integrators perform a covert channel analysis to identify those aspects of system communication that are potential avenues for covert storage and timing channels.
Draft
CCI-001207
Test a subset of the identified covert channels to determine which channels are exploitable.
Draft
SC-31(1)
CCI-001208
The organization partitions the information system into components residing in separate physical domains (or environments) as deemed necessary.
Draft
CCI-001209
The information system protects the integrity of information during the processes of data aggregation, packaging, and transformation in preparation for transmission.
Draft
CCI-001210
For organization-defined system components, load and execute the operating environment from hardware-enforced, read-only media.
Draft
SC-34
CCI-001211
For organization-defined system components, load and execute organization-defined applications from hardware-enforced, read-only media.
Draft
SC-34
CCI-001212
Defines system components on which the operating environment and organization-defined applications are loaded and executed from hardware-enforced, read-only media.
Draft
SC-43
CCI-001213
Defines applications that will be loaded and executed from hardware-enforced, read-only media.
Draft
SC-34
CCI-001214
Employ organization-defined system components with no writeable storage that is persistent across component restart or power on/off.
Draft
SC-34(1)
CCI-001215
Defines the system components to be employed with no writeable storage.
Draft
SC-34(1)
CCI-001216
Protect the integrity of information prior to storage on read-only media.
Draft
SC-34(2)
CCI-001217
Develop and document an organization-level; mission/business process-level; and/or system level system and information integrity policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Draft
SI-1
CCI-001218
Disseminate an organization-level; mission/business process-level; and/or system level system and information integrity policy to organization-defined personnel or roles.
Draft
SI-1
CCI-001219
Review and update the current system and information integrity policy in accordance with organization-defined frequency.
Draft
SI-1
CCI-001220
Develop and document procedures to facilitate the implementation of the organization-level; mission/business process-level; and/or system level system and information integrity policy and associated system integrity controls.
Draft
SI-1
CCI-001221
Disseminate to organization-defined personnel or roles procedures to facilitate the implementation of the system and information integrity policy and associated system and information integrity controls.
Draft
SI-1
CCI-001222
Review and update the current system and information integrity procedures in accordance with organization-defined frequency.
Draft
SI-1
CCI-001223
Defines the frequency for reviewing and updating the current system and information integrity policy.
Draft
SI-1
CCI-001224
Defines the frequency for reviewing and updating the current system and information integrity procedures.
Draft
SI-1
CCI-001225
Identify system flaws.
Draft
SI-2
CCI-001226
Report system flaws.
Draft
SI-2
CCI-001227
Correct system flaws.
Draft
SI-2
CCI-001228
Test software updates related to flaw remediation for effectiveness before installation.
Draft
SI-2
CCI-001229
Test software updates related to flaw remediation for potential side effects before installation.
Draft
SI-2
CCI-001230
Incorporate flaw remediation into the organizational configuration management process.
Draft
SI-2
Prev
1...
37
38
39
40
41
42
43
44
45
...172
Next