An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
56/172
)
CCIs
Number
Definition
Status
Related
CCI-001651
The organization requires the information system integrators to manage and control changes to the information system during development.
Draft
CCI-001652
The organization requires the information system developers to manage and control changes to the information system during implementation.
Draft
CCI-001653
The organization requires the information system integrators to manage and control changes to the information system during implementation.
Draft
CCI-001654
The organization requires the information system developers to manage and control changes to the information system during modification.
Draft
CCI-001655
The organization requires the information system integrators to manage and control changes to the information system during modification.
Draft
CCI-001656
The organization defines the security functions of the information system to be isolated from nonsecurity functions.
Draft
CCI-001657
The organization defines the external boundary of the information system.
Draft
CCI-001658
The organization defines key internal boundaries of the information system.
Draft
CCI-001659
The organization defines the mediation necessary for public access to the organization's internal networks.
Draft
CCI-001660
The organization defines the measures to protect against unauthorized physical connections across boundary protections implemented at organization-defined managed interfaces.
Draft
CCI-001661
Defines the security functions, to at a minimum, include system authentication and re-authentication, for permitting users to invoke the trusted communications path.
Draft
SC-11
CCI-001662
Take organization-defined corrective action when organization-defined unacceptable mobile code is identified.
Draft
SC-18(1)
CCI-001663
The information system, when operating as part of a distributed, hierarchical namespace, provides the means to enable verification of a chain of trust among parent and child domains (if the child supports secure resolution services).
Draft
SC-20
CCI-001664
Recognize only session identifiers that are system-generated.
Draft
SC-23(3)
CCI-001665
Preserve organization-defined system state information in the event of a system failure.
Draft
SC-24
CCI-001666
The organization employs cryptographic mechanisms to prevent unauthorized modification of information at rest unless otherwise protected by alternative physical measures.
Draft
CCI-001667
The organization compares the time measured between flaw identification and flaw remediation with organization-defined benchmarks.
Draft
CCI-001668
The organization employs malicious code protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and eradicate malicious code transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means or inserted through the exploitation of information system vulnerabilities.
Draft
CCI-001669
Defines the frequency of testing malicious code protection mechanisms.
Draft
SI-3(6)
CCI-001670
Take organization-defined least-disruptive actions to terminate suspicious events.
Draft
SI-4(7)
CCI-001671
Analyze outbound communications traffic at selected organization-defined interior points within the system to discover anomalies.
Draft
SI-4(11)
CCI-001672
The organization employs a wireless intrusion detection system to identify rogue wireless devices.
Draft
CCI-001673
Employ a wireless intrusion detection system to identify rogue wireless devices and to detect attack attempts and potential compromises or breaches to the system.
Draft
SI-4(14)
CCI-001674
The information system responds to security function anomalies in accordance with organization-defined responses and alternative action(s).
Draft
CCI-001675
Defines the personnel or roles that are to receive reports on the results of security function verification.
Draft
SI-6(3)
CCI-001676
The organization defines, for periodic security function verification, the frequency of the verifications.
Draft
CCI-001677
The organization employs spam protection mechanisms at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, removable media, or other common means.
Draft
CCI-001678
Retain information within the system and information output from the system in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and operational requirements.
Draft
SI-12
CCI-001679
The organization provides a mechanism to exchange active and standby roles of the components.
Draft
CCI-001680
Develop an organization-wide information security program plan that includes the identification and assignment of roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Draft
PM-1
Prev
1...
52
53
54
55
56
57
58
59
60
...172
Next