Trustmark Definitions (3101-3125 of 3493)

Trustmark Definition Name Version
Defines conformance and assessment criteria for verifying that an organization prohibits the use of devices possessing organization-defined environmental sensing capabilities in organization-defined facilities, areas, or systems.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that the information system is configured so that data or information collected by the organization-defined sensors is only reported to authorized individuals or roles.
1.0
Defines conformance and assessment criteria for verifying that an organization separates duties of individuals.
1.0
Defines conformance and assessment criteria for verifying that an organization has documented its separation of duties.
1.0
Defines conformance and assessment criteria for verifying that an organization identifies and authenticates organization-defined information system services using organization-defined security safeguards.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that service providers receive, validate, and transmit identification and authentication information.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that identification and authentication decisions are transmitted between organization-defined services consistent with organizational policies.
1.0
Defines conformance and assessment criteria for verifying that an information system provides the capability for authorized users to select a user session to capture/record or view/hear.
1.0
Defines conformance and assessment criteria for verifying that an information system provides the capability for authorized users to capture/record and log content related to a user session.
1.0
Defines conformance and assessment criteria for verifying that an information system provides the capability for authorized users to remotely view/hear all content related to an established user session in real time.
1.0
Defines conformance and assessment criteria for verifying that an information system initiates session audits at system start-up.
1.0
Defines conformance and assessment criteria for verifying that an information system protects the authenticity of communications sessions.
1.0
Defines conformance and assessment criteria for verifying that an information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions.
1.0
Defines conformance and assessment criteria for verifying that an information system invalidates session identifiers upon user logout or other session termination.
1.0
Defines conformance and assessment criteria for verifying that an information system generates a unique session identifier for each session with organization-defined randomness requirements and recognizes only session identifiers that are system-generated.
1.0
Addresses the requirement for an organization to document its practices with respect to PKI session key encapsulation.
1.0
Addresses the requirement for an organization to identify its support or lack of support for PKI session key encapsulation.
1.0
Addresses the requirement that organization PKI certificate authorities (CAs) that support session key recovery shall identify the document describing the practices in the applicable CP.
1.0
Addresses the requirement for an organization to identify its support or lack of support for PKI session key recovery.
1.0
Defines conformance and assessment criteria for verifying that an information system initiates a session lock at user request or after a defined period of inactivity.
1.0
Defines conformance and assessment criteria for verifying that an information system retains session locks until the user reestablishes access.
1.0
Defines conformance and assessment criteria for verifying that an information system conceals previously visible information during a session lock.
1.0
Defines conformance and assessment criteria for verifying that an information system automatically terminates a user session when defined conditions occur.
1.0
Defines conformance and assessment criteria for verifying that an information system terminates shared/group account credentials when members leave the group.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for sharing of information system vulnerability scan results as related to overall risk assessment requirements.
1.0