System and Communications Protection (SC)
Implement security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.
System and Communications Protection (SC)
Implement security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.
System and Communications Protection (SC)
Level N/A
Prevent unauthorized and unintended information transfer via shared system resources.
System and Communications Protection (SC)
[Withdrawn: Incorporated into SC-12(3).]
System and Communications Protection (SC)
Prevent unauthorized information transfer via shared resources in accordance with [Assignment: organization-defined procedures] when system processing explicitly switches between different information classification levels or security categories.
System and Communications Protection (SC)
Level N/A
a. [Selection: Protect against; Limit] the effects of the following types of denial-of-service events: [Assignment: organization-defined types of denial-of-service events]; and b. Employ the following controls to achieve the denial-of-service objective: [Assignment: organization-defined controls by type of denial-of-service event].
System and Communications Protection (SC)
Restrict the ability of individuals to launch the following denial-of-service attacks against other systems: [Assignment: organization-defined denial-of-service attacks].
System and Communications Protection (SC)
Manage capacity, bandwidth, or other redundancy to limit the effects of information flooding denial-of-service attacks.
System and Communications Protection (SC)
(a) Employ the following monitoring tools to detect indicators of denial-of-service attacks against, or launched from, the system: [Assignment: organization-defined monitoring tools]; and (b) Monitor the following system resources to determine if sufficient resources exist to prevent effective denial-of-service attacks: [Assignment: organization-defined system resources].
System and Communications Protection (SC)
Level N/A
Protect the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more): priority; quota; [Assignment: organization-defined controls]].
