System and Communications Protection

3.13.1

Monitor, control, and protect communications (i.e., information transmitted or received by...

SC.L1-3.13.1 · 8 objectives

L1

›

3.13.10

Establish and manage cryptographic keys for cryptography employed in organizational systems.

SC.L2-3.13.10 · 2 objectives

L2

›

3.13.11

Employ FIPS-validated cryptography when used to protect the confidentiality of CUI.

SC.L2-3.13.11 · 1 objective

L2

›

3.13.12

SC.L2-3.13.12 · 3 objectives

L2

›

3.13.13

Control and monitor the use of mobile code.

SC.L2-3.13.13 · 2 objectives

L2

›

3.13.14

Control and monitor the use of Voice over Internet Protocol (VoIP) technologies

SC.L2-3.13.14 · 2 objectives

L2

›

3.13.15

Protect the authenticity of communications sessions

SC.L2-3.13.15 · 1 objective

L2

›

3.13.16

Protect the confidentiality of CUI at rest.

SC.L2-3.13.16 · 1 objective

L2

›

3.13.2

Employ architectural designs, software development techniques, and systems engineering principles...

SC.L2-3.13.2 · 6 objectives

L2

›

3.13.3

Separate user functionality from system management functionality.

SC.L2-3.13.3 · 3 objectives

L2

›

3.13.4

Prevent unauthorized and unintended information transfer via shared system resources.

SC.L2-3.13.4 · 1 objective

L2

›

3.13.5

Implement subnetworks for publicly accessible system components that are physically or logically...

SC.L1-3.13.5 · 2 objectives

L1

›

3.13.6

Deny network communications traffic by default and allow network communications traffic by...

SC.L2-3.13.6 · 2 objectives

L2

›

3.13.7

Prevent remote devices from simultaneously establishing non-remote connections with organizational...

SC.L2-3.13.7 · 1 objective

L2

›

3.13.8

Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission...

SC.L2-3.13.8 · 3 objectives

L2

›

3.13.9

Terminate network connections associated with communications sessions at the end of the sessions or...

SC.L2-3.13.9 · 3 objectives

L2

›