An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
45/172
)
CCIs
Number
Definition
Status
Related
CCI-001321
Prohibit processes from executing without supervision for more than an organization-defined time period.
Draft
SI-7(16)
CCI-001322
Defines a time period that is the longest a process is allowed to execute without supervision.
Draft
SI-7(16)
CCI-001323
Manually initiate transfers between active and standby system components when the use of the active component reaches an organization-defined percentage of the mean time to failure.
Draft
SI-13(3)
CCI-001324
The organization defines the minimum frequency at which the organization manually initiates a transfer between active and standby information system components if the mean time to failure (MTTF) exceeds the organization-defined time period.
Draft
SI-13(3)
CCI-001325
The organization defines a time period that the mean time to failure (MTTF) must exceed before the organization manually initiates a transfer between active and standby information system components.
Draft
SI-13(3)
CCI-001326
If system component failures are detected, ensure standby components are successfully and transparently installed within an organization-defined time period.
Draft
SI-13(4)
CCI-001327
Defines a time period for a standby system component to be successfully and transparently installed for the system component that has failed.
Draft
SI-13(4)
CCI-001328
If system component failures are detected, activate an organization-defined alarm, automatically shut down the system, and/or organization-defined action.
Draft
SI-13(4)
CCI-001329
Defines the alarm to be activated when a system component failure is detected.
Draft
SI-13(4)
CCI-001330
Prohibit the use of unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information unless specifically permitted by the authorizing official.
Draft
AC-19(4)
CCI-001331
Prohibit the connection of unclassified mobile devices to classified systems.
Draft
AC-19(4)
CCI-001332
Connection of unclassified mobile devices to unclassified systems requires approval from the authorizing official.
Draft
AC-19(4)
CCI-001333
Use of internal or external modems or wireless interfaces within the unclassified mobile devices is prohibited.
Draft
AC-19(4)
CCI-001334
Require unclassified mobile devices used in facilities containing systems processing, storing, or transmitting classified information and the information stored on those devices be subject to random reviews and inspections by organization-defined security officials.
Draft
AC-19(4)
CCI-001335
Defines security officials to perform reviews and inspections of unclassified mobile devices in facilities containing systems processing, storing, or transmitting classified information.
Draft
AC-19(4)
CCI-001336
Retain individual training records for an organization-defined time-period.
Draft
AT-4
CCI-001337
Defines the time period for retaining individual training records.
Draft
AT-4
CCI-001338
The information system associates the identity of the information producer with the information.
Draft
CCI-001339
The information system validates the binding of the information producer's identity to the information.
Draft
CCI-001340
Maintain reviewer or releaser identity and credentials within the established chain of custody for all information reviewed or released.
Draft
AU-10(3)
CCI-001341
Validate the binding of the information reviewer identity to the information at the transfer or release points prior to release or transfer between organization-defined security domains.
Draft
AU-10(4)
CCI-001342
The organization employs either FIPS-validated or NSA-approved cryptography to implement digital signatures.
Deprecated
CCI-001343
The information system invokes a system shutdown in the event of an audit failure, unless an alternative audit capability exists.
Draft
CCI-001344
The organization specifies the permitted actions for each authorized information system process, role, and/or user in the audit and accountability policy.
Draft
CCI-001345
The organization employs automated mechanisms to alert security personnel of any organization-defined inappropriate or unusual activities with security implications.
Deprecated
CCI-001346
The organization defines a list of inappropriate or unusual activities with security implications that are to result in alerts to security personnel.
Draft
CCI-001347
The organization performs, in a physically dedicated information system, full-text analysis of privileged functions executed.
Draft
CCI-001348
Store audit records on an organization-defined frequency in a repository that is part of a physically different system or system component than the system or component being audited.
Draft
AU-9(2)
CCI-001349
Defines a frequency for storing audit records in a repository that is part of a physically different system or system component than the system or component being audited.
Draft
AU-9(2)
CCI-001350
Implement cryptographic mechanisms to protect the integrity of audit information.
Draft
AU-9(3)
Prev
1...
41
42
43
44
45
46
47
48
49
...172
Next