An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.07.1-5f5778 - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.07.1-5f5778 - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
79/172
)
CCIs
Number
Definition
Status
Related
CCI-002371
Defines the personnel or roles to whom the risk assessment results will be disseminated.
Draft
RA-3
CCI-002372
Correlate the output from vulnerability scanning tools to determine the presence of multi-vulnerability and multi-hop attack vectors.
Draft
RA-5(10)
CCI-002373
Define the breadth and depth of vulnerability scanning coverage (i.e., information system components scanned and vulnerabilities checked).
Draft
RA-5(3)
CCI-002374
Defines the corrective actions if unintended information about the system is discovered.
Draft
RA-5(4)
CCI-002375
Take organization-defined corrective actions if information about the system is discovered.
Draft
RA-5(4)
CCI-002376
Defines the personnel or roles with whom the information obtained from the vulnerability monitoring process and control assessments will be shared.
Draft
RA-5
CCI-002377
The organization documents the system and communications protection policy.
Draft
SC-1
CCI-002378
Defines the personnel or roles to be recipients of the organization-level; mission/business process-level; and/or system-level system and communications protection policy.
Draft
SC-1
CCI-002379
The organization documents procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.
Draft
SC-1
CCI-002380
Defines the personnel or roles to be recipients of the procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.
Draft
SC-1
CCI-002381
Minimize the number of nonsecurity functions included within the isolation boundary containing security functions.
Draft
SC-3(3)
CCI-002382
Implement security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.
Draft
SC-3(4)
CCI-002383
Defines the procedures to be employed to prevent unauthorized information transfer via shared resources when system processing explicitly switches between different information classification levels or security categories.
Draft
SC-4(2)
CCI-002384
Prevent unauthorized information transfer via shared resources in accordance with organization-defined procedures when system processing explicitly switches between different information classification levels or security categories.
Draft
SC-4(2)
CCI-002385
Protect against or limit the effects of organization-defined types of denial-of-service events.
Draft
SC-5
CCI-002386
The organization defines the security safeguards to be employed to protect the information system against, or limit the effects of, denial of service attacks.
Draft
SC-5
CCI-002387
Defines the denial of service attacks against other systems that the system is to restrict the ability of individuals to launch.
Draft
SC-5(1)
CCI-002388
Defines the monitoring tools to be employed to detect indicators of denial-of-service attacks against the system.
Draft
SC-5(3)
CCI-002389
Employ organization-defined monitoring tools to detect indicators of denial-of-service attacks against, or launched from, the system.
Draft
SC-5(3)
CCI-002390
Defines the system resources to be monitored to determine if sufficient resources exist to prevent effective denial-of-service attacks.
Draft
SC-5(3)
CCI-002391
Monitor organization-defined system resources to determine if sufficient resources exist to prevent effective denial-of-service attacks.
Draft
SC-5(3)
CCI-002392
Defines the resources to be allocated to protect the availability of system resources.
Draft
SC-6
CCI-002393
Defines the controls to be employed to protect the availability of system resources.
Draft
SC-6
CCI-002394
Protect the availability of resources by allocating organization-defined resources based on priority, quota, and/or organization-defined controls.
Draft
SC-6
CCI-002395
Implement subnetworks for publicly accessible system components that are physically and/or logically separated from internal organizational networks.
Draft
SC-7
CCI-002396
Protect the confidentiality and integrity of the information being transmitted across each interface for each external telecommunication service.
Draft
SC-7(4)
CCI-002397
Prevent split tunneling for remote devices connecting to organizational systems unless the split tunnel is securely provisioned using organization-defined safeguards.
Draft
SC-7(7)
CCI-002398
Detect outgoing communications traffic posing a threat to external systems.
Draft
SC-7(9)
CCI-002399
Deny outgoing communications traffic posing a threat to external systems.
Draft
SC-7(9)
CCI-002400
Audit the identity of internal users associated with denied outgoing communications traffic posing a threat to external systems.
Draft
SC-7(9)
Prev
1...
75
76
77
78
79
80
81
82
83
...172
Next