An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
78/172
)
CCIs
Number
Definition
Status
Related
CCI-002341
Defines the information sharing restrictions to be enforced when implementing information search and retrieval services.
Draft
AC-21(2)
CCI-002342
Implement information search and retrieval services that enforce organization-defined information sharing restrictions.
Draft
AC-21(2)
CCI-002343
Defines the data mining prevention techniques to be employed to protect organization-defined data storage objects against data mining.
Draft
AC-23
CCI-002344
Defines the data mining detection techniques to be employed to detect data mining attempts against organization-defined data storage objects.
Draft
AC-23
CCI-002345
Defines the data storage objects that are to be protected against data mining attempts.
Draft
AC-23
CCI-002346
Employ organization-defined data mining prevention techniques for organization-defined data storage objects to protect against unauthorized data mining.
Draft
AC-23
CCI-002347
Employ organization-defined data mining detection techniques for organization-defined data storage objects to detect data mining attempts.
Draft
AC-23
CCI-002348
Defines the access control decisions that are to be applied to each access request prior to access enforcement.
Draft
AC-24
CCI-002349
Establish procedures or implement mechanisms to ensure organization-defined access control decisions are applied to each access request prior to access enforcement.
Draft
AC-24
CCI-002350
Defines the access authorization information that is to be transmitted using organization-defined security safeguards to organization-defined systems that enforce access control decisions.
Draft
AC-24(1)
CCI-002351
Defines the controls to be employed when transmitting organization-defined access authorization information to organization-defined systems that enforce access control decisions.
Draft
AC-24(1)
CCI-002352
Defines the systems that are to be recipients of organization-defined access authorization information using organization-defined security safeguards.
Draft
AC-24(1)
CCI-002353
Transmit organization-defined access authorization information using organization-defined controls to organization-defined systems that enforce access control decisions.
Draft
AC-24(1)
CCI-002354
Defines the security attributes, not to include the identity of the user or process acting on behalf of the user, to be used as the basis for enforcing access control decisions.
Draft
AC-24(2)
CCI-002355
Enforce access control decisions based on organization-defined security or privacy attributes that do not include the identity of the user or process acting on behalf of the user.
Draft
AC-24(2)
CCI-002356
Defines the access control policies to be implemented by the reference monitor.
Draft
AC-25
CCI-002357
Implement a reference monitor for organization-defined access control policies that is tamperproof.
Draft
AC-25
CCI-002358
Implement a reference monitor for organization-defined access control policies that is always invoked.
Draft
AC-25
CCI-002359
Implement a reference monitor for organization-defined access control policies that is small enough to be subject to analysis and testing, the completeness of which can be assured.
Draft
AC-25
CCI-002360
Defines the conditions or trigger events requiring session disconnect when automatically terminating a user session.
Draft
AC-12
CCI-002361
Automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect.
Draft
AC-12
CCI-002362
Defines the information resources requiring authentication in order to gain access.
Draft
AC-12(1)
CCI-002363
Provide a logout capability for user-initiated communications sessions whenever authentication is used to gain access to organization-defined information resources.
Draft
AC-12(1)
CCI-002364
Display an explicit logout message to users indicating the reliable termination of authenticated communications sessions.
Draft
AC-12(1)
CCI-002365
The organization manages information system authenticators by requiring individuals to take specific security safeguards to protect authenticators.
Draft
IA-5
CCI-002366
The organization manages information system authenticators by having devices implement specific security safeguards to protect authenticators.
Draft
IA-5
CCI-002367
The organization ensures unencrypted static authenticators are not embedded in applications.
Draft
IA-5(7)
CCI-002368
Defines the personnel or roles to whom the organization-level; mission/business process-level; system-level risk assessment policy is disseminated.
Draft
RA-1
CCI-002369
Defines the personnel or roles to whom the risk assessment procedures are disseminated.
Draft
RA-1
CCI-002370
Disseminate risk assessment results to organization-defined personnel or roles.
Draft
RA-3
Prev
1...
74
75
76
77
78
79
80
81
82
...172
Next