An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.07.1-5f5778 - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.07.1-5f5778 - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
91/172
)
CCIs
Number
Definition
Status
Related
CCI-002731
The organization requires that organization-defined user-installed software execute in a confined physical or virtual machine environment with limited privileges.
Draft
SI-7(11)
CCI-002732
Defines the user-installed software that is to have its integrity verified prior to execution.
Draft
SI-7(12)
CCI-002733
Require that the integrity of organization-defined user-installed software be verified prior to execution.
Draft
SI-7(12)
CCI-002734
Defines the personnel or roles which have the authority to explicitly approve binary or machine-executable code.
Draft
SI-7(13)
CCI-002735
The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only in confined physical or virtual machine environments.
Draft
SI-7(13)
CCI-002736
The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only with the explicit approval of organization-defined personnel or roles.
Draft
SI-7(13)
CCI-002737
The organization prohibits the use of binary or machine-executable code from sources with limited or no warranty and without the provision of source code.
Draft
SI-7(14)
CCI-002738
The organization provides exceptions to the source code requirement only for compelling mission/operational requirements and with the approval of the authorizing official.
Draft
SI-7(14)
CCI-002739
Defines the software or firmware components on which cryptographic mechanisms are to be implemented to support authentication prior to installation.
Draft
SI-7(15)
CCI-002740
Implement cryptographic mechanisms to authenticate organization-defined software or firmware components prior to installation.
Draft
SI-7(15)
CCI-002741
Employ spam protection mechanisms at system entry points to detect and take action on unsolicited messages.
Draft
SI-8
CCI-002742
Employ spam protection mechanisms at system exit points to detect and take action on unsolicited messages.
Draft
SI-8
CCI-002743
Implement spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.
Draft
SI-8(3)
CCI-002744
Defines the inputs on which the system is to conduct validity checks.
Draft
SI-10
CCI-002745
Defines the inputs defined in base control (SI-10), which provide a manual override capability for input validation.
Draft
SI-10(1)
CCI-002746
Provide a manual override capability for input validation of organization-defined inputs defined in base control (SI-10).
Draft
SI-10(1)
CCI-002747
Defines the individuals who have the authorization to use the manual override capability for input validation.
Draft
SI-10(1)
CCI-002748
Restrict the use of the manual override capability to only organization-defined authorized individuals.
Draft
SI-10(1)
CCI-002749
Audit the use of the manual override capability.
Draft
SI-10(1)
CCI-002750
Defines the time-period within which input validation errors are to be reviewed.
Draft
SI-10(2)
CCI-002751
Defines the time-period within which input validation errors are to be resolved.
Draft
SI-10(2)
CCI-002752
Review input validation errors within an organization-defined time period.
Draft
SI-10(2)
CCI-002753
Resolve input validation errors within an organization-defined time period.
Draft
SI-10(2)
CCI-002754
Verify that the system behaves in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.
Draft
SI-10(3)
CCI-002755
Account for timing interactions among system components in determining appropriate responses for invalid inputs.
Draft
SI-10(4)
CCI-002756
Defines the trusted sources to which the usage of information inputs will be restricted (e.g., whitelisting).
Draft
SI-10(5)
CCI-002757
Defines the acceptable formats to which information inputs are restricted.
Draft
SI-10(5)
CCI-002758
Restrict the use of information inputs to organization-defined trusted sources and/or organization-defined formats.
Draft
SI-10(5)
CCI-002759
Defines the personnel or roles to whom error messages are to be revealed.
Draft
SI-11
CCI-002760
Determines mean time to failure (MTTF) for organization-defined system components in specific environments of operation.
Draft
SI-13
Prev
1...
87
88
89
90
91
92
93
94
95
...172
Next