| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information at startup.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information at organization-defined transitional states.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information upon occurrence of security-relevant events.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization incorporates the detection of unauthorized organization-defined security-relevant changes to the information system into the organizational incident response capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that the integrity of organization-defined user-installed software be verified prior to execution.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined firmware at an organization-defined frequency.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information at an organization-defined frequency.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined software at an organization-defined frequency.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements organization-defined security safeguards to protect the integrity of boot firmware in organization-defined devices.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined software at startup.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined software at organization-defined transitional states.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined software upon occurrence of security-relevant events.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization does not allow processes to execute without supervision for more than an organization-defined time period.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization prohibits the use of binary or machine-executable code from sources with limited or no warranty and without the provision of source code.
|
1.0 |
|
Addresses requirements for software to be verified as being that supplied by the vendor.
|
1.0 |
|
Addresses requirements for software to be verified as the intended version when first loaded.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system verifies the integrity of the boot process of organization-defined devices.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements spam protection.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs spam protection mechanisms at information system entry points to detect and take action on unsolicited messages.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs spam protection mechanisms at information system exit points to detect and take action on unsolicited messages.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization updates spam protection mechanisms when new releases are available in accordance with organizational configuration management policy and procedures.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system automatically updates spam protection mechanisms.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization centrally manages spam protection mechanisms.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for specified privileges for each account as related to overall access control requirements.
|
1.0 |
