An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
47/172
)
CCIs
Number
Definition
Status
Related
CCI-001381
The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.
Deprecated
CCI-001382
The organization defines the number of consecutive, unsuccessful login attempts to the mobile device.
Draft
CCI-001383
The information system provides additional protection for mobile devices accessed via login by purging information from the device after an organization-defined number of consecutive, unsuccessful login attempts to the mobile device.
Draft
CCI-001384
For publicly accessible systems, display system use information with organization-defined conditions before granting further access to the publicly accessible system.
Draft
AC-8
CCI-001385
For publicly accessible systems, displays references, if any, to monitoring that are consistent with privacy accommodations for such systems that generally prohibit those activities.
Draft
AC-8
CCI-001386
For publicly accessible systems, displays references, if any, to recording that are consistent with privacy accommodations for such systems that generally prohibit those activities.
Draft
AC-8
CCI-001387
For publicly accessible systems, displays references, if any, to auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities.
Draft
AC-8
CCI-001388
For publicly accessible systems, includes a description of the authorized uses of the system.
Draft
AC-8
CCI-001389
Defines the time period that the system notifies the user of the number of successful logon/access attempts.
Draft
AC-9(2)
CCI-001390
Defines the time period that the system notifies the user of the number of unsuccessful logon/access attempts.
Draft
AC-9(2)
CCI-001391
Notify the user, upon successful logon, of the number of successful logons/accesses during the organization-defined time period.
Draft
AC-9(2)
CCI-001392
Notify the user, upon successful logon, of the number of unsuccessful logon/access attempts during the organization-defined time period.
Draft
AC-9(2)
CCI-001393
Defines the security-related characteristics/parameters of the user's account which, when changed, will result in a notification being provided to the user during the organization-defined time period.
Draft
AC-9(3)
CCI-001394
Defines the time period during which organization-defined security-related changes to the user's account are to be tracked.
Draft
AC-9(3)
CCI-001395
Notify the user, upon successful logon, of changes to organization-defined security-related characteristics/parameters of the user's account during the organization-defined time-period.
Draft
AC-9(3)
CCI-001396
The organization defines security attributes for which the information system supports and maintains the bindings for information in storage.
Draft
CCI-001397
The organization defines security attributes for which the information system supports and maintains the bindings for information in process.
Draft
CCI-001398
The organization defines security attributes for which the information system supports and maintains the bindings for information in transmission.
Draft
CCI-001399
The information system supports and maintains the binding of organization-defined security attributes to information in storage.
Draft
CCI-001400
The information system supports and maintains the binding of organization-defined security attributes to information in process.
Draft
CCI-001401
The information system supports and maintains the binding of organization-defined security attributes to information in transmission.
Draft
CCI-001402
The organization monitors for unauthorized remote access to the information system.
Draft
CCI-001403
Automatically audit account modification actions.
Draft
AC-2(4)
CCI-001404
Automatically audit account disabling actions.
Draft
AC-2(4)
CCI-001405
Automatically audit account removal actions.
Draft
AC-2(4)
CCI-001406
Defines a time period of expected inactivity when users are required to log out.
Draft
AC-2(5)
CCI-001407
Administer privileged user accounts in accordance with a role-based access scheme; or an attribute-based access scheme.
Draft
AC-2(7)
CCI-001408
Defines privileged commands for which dual authorization is to be enforced.
Draft
AC-3(2)
CCI-001409
The organization defines nondiscretionary access control policies to be enforced over the organization-defined set of users and resources, where the rule set for each policy specifies access control information employed by the policy rule set (e.g., position, nationality, age, project, time of day) and required relationships among the access control information to permit access.
Draft
CCI-001410
The organization defines the set of users and resources over which the information system is to enforce nondiscretionary access control policies.
Draft
Prev
1...
43
44
45
46
47
48
49
50
51
...172
Next