An error occurred:

CCIs

Number Definition Status Related
CCI-002671 Analyze outbound communications traffic at the external interfaces of the system to detect covert exfiltration of information. Draft SI-4(18)
CCI-002672 Analyze outbound communications traffic at organization-defined interior points within the system to detect covert exfiltration of information. Draft SI-4(18)
CCI-002673 Defines the additional monitoring to be implemented for individuals identified as posing an increased level of risk. Draft SI-4(19)
CCI-002674 Defines the sources that may be used to identify individuals who pose an increased level of risk. Draft SI-4(19)
CCI-002675 Implement organization-defined additional monitoring of individuals who have been identified by organization-defined sources as posing an increased level of risk. Draft SI-4(19)
CCI-002676 Defines additional monitoring to be implemented for privileged users. Draft SI-4(20)
CCI-002677 Implement organization-defined additional monitoring of privileged users. Draft SI-4(20)
CCI-002678 Defines additional monitoring to be implemented for individuals during an organization-defined probationary period. Draft SI-4(21)
CCI-002679 Defines the probationary period during which additional monitoring will be implemented for individuals. Draft SI-4(21)
CCI-002680 Implement organization-defined additional monitoring of individuals during an organization-defined probationary period. Draft SI-4(21)
CCI-002681 Defines the authorization or approval process for network services. Draft SI-4(22)
CCI-002682 Defines the personnel or roles to be alerted when unauthorized or unapproved network services are detected. Draft SI-4(22)
CCI-002683 Detect network services that have not been authorized or approved by the organization-defined authorization or approval processes. Draft SI-4(22)
CCI-002684 Audit and/or alert organization-defined personnel when unauthorized network services are detected. Draft SI-4(22)
CCI-002685 Defines the host-based monitoring mechanisms to be implemented at organization-defined system components. Draft SI-4(23)
CCI-002686 Defines the system components at which organization-defined host-based monitoring mechanisms are to be implemented. Draft SI-4(23)
CCI-002687 Implement organization-defined host-based monitoring mechanisms at organization-defined system components. Draft SI-4(23)
CCI-002688 Discover indicators of compromise. Draft SI-4(24)
CCI-002689 Collect indicators of compromise. Draft SI-4(24)
CCI-002690 Distribute indicators of compromise provided by organization-defined sources, to organization-defined personnel or roles. Draft SI-4(24)
CCI-002691 The information system uses indicators of compromise. Draft SI-4(24)
CCI-002692 Defines the external organizations from which it receives information system security alerts, advisories, and directives. Draft SI-5
CCI-002693 Defines the elements within the organization to whom the organization will disseminate security alerts, advisories, and directives. Draft SI-5
CCI-002694 Defines the external organizations to which the organization will disseminate security alerts, advisories, and directives. Draft SI-5
CCI-002695 Defines the security functions that require verification of correct operation. Draft SI-6
CCI-002696 Verify correct operation of organization-defined security functions. Draft SI-6
CCI-002697 Defines the frequency at which it will verify correct operation of organization-defined security functions. Draft SI-6
CCI-002698 Defines the system transitional states when the system will verify correct operation of organization-defined security functions. Draft SI-6
CCI-002699 Perform verification of the correct operation of organization-defined security functions: when the system is in an organization-defined transitional state; upon command by a user with appropriate privileges; and/or on an organization-defined frequency. Draft SI-6
CCI-002700 Defines the personnel or roles to be notified when security verification tests fail. Draft SI-6