System and Communications Protection (SC)
Provide the capability to dynamically isolate [Assignment: organization-defined system components] from other system components.
System and Communications Protection (SC)
Employ boundary protection mechanisms to isolate [Assignment: organization-defined system components] supporting [Assignment: organization-defined missions and/or business functions].
System and Communications Protection (SC)
Implement separate network addresses to connect to systems in different security domains.
System and Communications Protection (SC)
Disable feedback to senders on protocol format validation failure.
System and Communications Protection (SC)
For systems that process personally identifiable information: (a) Apply the following processing rules to data elements of personally identifiable information: [Assignment: organization-defined processing rules]; (b) Monitor for permitted processing at the external interfaces to the system and at key internal boundaries within the system; (c) Document each processing exception; and (d) Review and remove exceptions that are no longer supported.
System and Communications Protection (SC)
Prohibit the direct connection of [Assignment: organization-defined unclassified national security system] to an external network without the use of [Assignment: organization-defined boundary protection device].
System and Communications Protection (SC)
Prohibit the direct connection of a classified national security system to an external network without the use of [Assignment: organization-defined boundary protection device].
System and Communications Protection (SC)
Prohibit the direct connection of [Assignment: organization-defined unclassified non-national security system] to an external network without the use of [Assignment: organization-defined boundary protection device].
System and Communications Protection (SC)
Prohibit the direct connection of [Assignment: organization-defined system] to a public network.
System and Communications Protection (SC)
Implement [Selection: physically; logically] separate subnetworks to isolate the following critical system components and functions: [Assignment: organization-defined critical system components and functions].
