An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
6/172
)
CCIs
Number
Definition
Status
Related
CCI-000151
Defines the frequency for the review and analysis of system audit records for organization-defined inappropriate or unusual activity.
Draft
AU-6
CCI-000152
The information system integrates audit review, analysis, and reporting processes to support organizational processes for investigation and response to suspicious activities.
Draft
CCI-000153
Analyze and correlate audit records across different repositories to gain organization-wide situational awareness.
Draft
AU-6(3)
CCI-000154
Provide the capability to centrally review and analyze audit records from multiple components within the system.
Draft
AU-6(4)
CCI-000155
The organization integrates analysis of audit records with analysis of vulnerability scanning information, performance data, and network monitoring information to further enhance the ability to identify inappropriate or unusual activity.
Draft
CCI-000156
The information system provides an audit reduction capability.
Draft
CCI-000157
The information system provides a report generation capability.
Draft
CCI-000158
Provide the capability to process, sort, and search audit records for events of interest based on organization-defined audit fields within audit records.
Draft
AU-7(1)
CCI-000159
Use internal system clocks to generate time stamps for audit records.
Draft
AU-8
CCI-000160
The information system synchronizes internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.
Draft
CCI-000161
The organization defines the frequency for the synchronization of internal information system clocks.
Draft
AU-8(1)
CCI-000162
Protect audit information from unauthorized access.
Draft
AU-9
CCI-000163
Protect audit information from unauthorized modification.
Draft
AU-9
CCI-000164
Protect audit information from unauthorized deletion.
Draft
AU-9
CCI-000165
Write audit records to hardware-enforced, write-once media.
Draft
AU-9(1)
CCI-000166
Provide irrefutable evidence that an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.
Draft
AU-10
CCI-000167
Retain audit records for an organization-defined time period to provide support for after-the-fact investigations of incidents and to meet regulatory and organizational information retention requirements.
Draft
AU-11
CCI-000168
Defines the time period for retention of audit records, which is consistent with its records retention policy, to provide support for after-the-fact investigations of incidents and meet regulatory and organizational information retention requirements.
Draft
AU-11
CCI-000169
Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2 a on organization-defined information system components.
Draft
AU-12
CCI-000170
Implement a process to ensure that plans of action and milestones for the security program and associated organizational systems document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation.
Draft
PM-4
CCI-000171
Allow organization-defined personnel or roles to select the event types that are to be logged by specific components of the system.
Draft
AU-12
CCI-000172
Generate audit records for the event types defined in AU-2 c that include the audit record content defined in AU-3.
Draft
AU-12
CCI-000173
Defines the level of tolerance for relationship between time stamps of individual records in the audit trail that will be used for correlation.
Draft
AU-12(1)
CCI-000174
Compile audit records from organization-defined information system components into a system-wide (logical or physical) audit trail that is time-correlated to within an organization-defined level of tolerance for relationship between time stamps of individual records in the audit trail.
Draft
AU-12(1)
CCI-000175
The organization manages information system authenticators for users and devices by verifying, as part of the initial authenticator distribution, the identity of the individual and/or device receiving the authenticator.
Draft
CCI-000176
Manage system authenticators by establishing initial authenticator content for authenticators issued by the organization.
Draft
IA-5
CCI-000177
The organization manages information system authenticators for users and devices by establishing and implementing administrative procedures for initial authenticator distribution, for lost/compromised, or damaged authenticators, and for revoking authenticators.
Draft
CCI-000178
The organization manages information system authenticators for users and devices by changing default content of authenticators upon information system installation.
Draft
CCI-000179
The organization manages information system authenticators by establishing minimum lifetime restrictions for authenticators.
Draft
IA-5
CCI-000180
The organization manages information system authenticators by establishing maximum lifetime restrictions for authenticators.
Draft
IA-5
Prev
1...
2
3
4
5
6
7
8
9
10
...172
Next