System and Communications Protection (SC)
[Withdrawn: Incorporated into SC-4.]
System and Communications Protection (SC)
Only allow the use of [Assignment: organization-defined certificate authorities] for verification of the establishment of protected sessions.
System and Communications Protection (SC)
Level N/A
Fail to a [Assignment: organization-defined known system state] for the following failures on the indicated components while preserving [Assignment: organization-defined system state information] in failure: [Assignment: list of organization-defined types of system failures on organization-defined system components].
System and Communications Protection (SC)
Level N/A
Employ minimal functionality and information storage on the following system components: [Assignment: organization-defined system components].
System and Communications Protection (SC)
Level N/A
Include components within organizational systems specifically designed to be the target of malicious attacks for detecting, deflecting, and analyzing such attacks.
System and Communications Protection (SC)
[Withdrawn: Incorporated into SC-42.]
System and Communications Protection (SC)
Level N/A
Include within organizational systems the following platform independent applications: [Assignment: organization-defined platform-independent applications].
System and Communications Protection (SC)
Level N/A
Protect the [Selection (one or more): confidentiality; integrity] of the following information at rest: [Assignment: organization-defined information at rest].
System and Communications Protection (SC)
Implement cryptographic mechanisms to prevent unauthorized disclosure and modification of the following information at rest on [Assignment: organization-defined system components or media]: [Assignment: organization-defined information].
System and Communications Protection (SC)
Remove the following information from online storage and store offline in a secure location: [Assignment: organization-defined information].
