An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
74/172
)
CCIs
Number
Definition
Status
Related
CCI-002221
Defines the security-relevant information for which access must be explicitly authorized.
Draft
AC-6(1)
CCI-002222
Authorize access for organization-defined individuals or roles to organization-defined security functions (deployed in hardware, software, and firmware).
Draft
AC-6(1)
CCI-002223
Authorize access for organization-defined individuals or roles to organization-defined security-relevant information.
Draft
AC-6(1)
CCI-002224
Defines the compelling operational needs that must be met in order to be authorized network access to organization-defined privileged commands.
Draft
AC-6(3)
CCI-002225
Provide separate processing domains to enable finer-grained allocation of user privileges.
Draft
AC-6(4)
CCI-002226
Defines the personnel or roles to whom privileged accounts are to be restricted on the information system.
Draft
AC-6(5)
CCI-002227
Restrict privileged accounts on the system to organization-defined personnel or roles.
Draft
AC-6(5)
CCI-002228
Defines the frequency on which it conducts reviews of the privileges assigned to organization-defined roles or classes of users.
Draft
AC-6(7)
CCI-002229
Defines the roles or classes of users that are to have their privileges reviewed on an organization-defined frequency.
Draft
AC-6(7)
CCI-002230
Review, on an organization-defined frequency, the privileges assigned to organization-defined roles or classes of users to validate the need for such privileges.
Draft
AC-6(7)
CCI-002231
Reassign or remove privileges, if necessary, to correctly reflect organizational mission and business needs.
Draft
AC-6(7)
CCI-002232
Defines the software that is prevented from executing at a higher privilege than users executing the software.
Draft
AC-6(8)
CCI-002233
Prevent the organization-defined software from executing at higher privilege levels than users executing the software.
Draft
AC-6(8)
CCI-002234
Log the execution of privileged functions.
Draft
AC-6(9)
CCI-002235
Prevent non-privileged users from executing privileged functions.
Draft
AC-6(10)
CCI-002236
Defines the time period the information system will automatically lock the account or node when the maximum number of unsuccessful logon attempts is exceeded.
Draft
AC-7
CCI-002237
Defines the delay algorithm to delay the next logon prompt when the maximum number of unsuccessful logon attempts is exceeded.
Draft
AC-7
CCI-002238
Automatically lock the account or node for either an organization-defined time period, until the locked account or node is released by an administrator, or delays the next logon prompt according to the organization-defined delay algorithm when the maximum number of unsuccessful logon attempts is exceeded.
Draft
AC-7
CCI-002239
Defines the mobile devices that are to be purged or wiped after an organization-defined number of consecutive, unsuccessful device logon attempts.
Draft
AC-7(2)
CCI-002240
Defines the purging or wiping requirements and techniques to be used on organization-defined mobile devices after an organization-defined number of consecutive, unsuccessful device logon attempts.
Draft
AC-7(2)
CCI-002241
Defines the number of consecutive, unsuccessful device logon attempts after which the organization-defined mobile devices will be purged or wiped.
Draft
AC-7(2)
CCI-002242
Purge or wipe information from organization-defined mobile devices based on organization-defined purging or wiping requirements and techniques after an organization-defined number of consecutive, unsuccessful device logon attempts.
Draft
AC-7(2)
CCI-002243
Organization-defined system use notification message or banner is to state that users are accessing a U.S. Government system.
Draft
AC-8
CCI-002244
Organization-defined system use notification message or banner is to state that system usage may be monitored, recorded, and subject to audit.
Draft
AC-8
CCI-002245
Organization-defined system use notification message or banner is to state that unauthorized use of the system is prohibited and subject to criminal and civil penalties.
Draft
AC-8
CCI-002246
Organization-defined system use notification message or banner is to state that use of the system indicates consent to monitoring and recording.
Draft
AC-8
CCI-002247
Defines the use notification message or banner the system displays to users before granting access to the system.
Draft
AC-8
CCI-002248
Defines the conditions of use which are to be displayed to users of the system before granting further access.
Draft
AC-8
CCI-002249
Defines the additional information to be included in the notification to the user upon successful logon.
Draft
AC-9(4)
CCI-002250
Notify the user, upon successful logon, of the following additional information: organization-defined additional information.
Draft
AC-9(4)
Prev
1...
70
71
72
73
74
75
76
77
78
...172
Next