Trustmark Definitions (2901-2925 of 3247)

Trustmark Definition Name	Version
Signed Declarations Of Identity By PKI Certificate Applicants XML \| JSON \| Addresses requirements that organizations record signed declarations of identity by PKI certificate applicants.	1.0
Single Key PKI Certificates Are Not Used For Authenticating Data XML \| JSON \| Addresses restrictions on the use of dual-use certificates.	1.0
Single Key PKI Certificates Do Not Assert Non-repudiation Bit XML \| JSON \| Addresses the key usage bit requirements for dual-use certificates.	1.0
Software Integrity XML \| JSON \| This Trustmark Definition addresses organizational requirements to implement software integrity verification tools for information systems.	1.0
Software Update Sources XML \| JSON \| Addresses the requirement for software updates to be purchased or developed in the same manner as original equipment.	1.0
Software Updates Installed By Trusted and Trained Personnel XML \| JSON \| Addresses the requirement for software updates to be installed by trusted and trained personnel in a defined manner.	1.0
Software Usage In Compliance with Contracts and Copyrights XML \| JSON \| Defines conformance and assessment criteria for compliance with minimum security requirements for software usage in compliance with contracts and copyrights as related to overall configuration management requirements.	1.0
Software Usage Restrictions \| Open Source Software XML \| JSON \| Defines conformance and assessment criteria for verifying that an organization establishes restrictions on the use of open source software.	1.0
Software, Firmware, And Information Integrity \| Auditing Capability For Significant Events XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system, upon detection of a potential integrity violation, provides the capability to audit the event and initiates one or more of the following actions: generate an audit record; alert the current user; alert organization-defined personnel or roles; other organization-defined actions.	1.0
Software, Firmware, And Information Integrity \| Automated Notifications Of Integrity Violations XML \| JSON \| Defines conformance and assessment criteria for verifying that an organization employs automated tools that provide notification to organization-defined personnel or roles upon discovering discrepancies during integrity verification.	1.0
Software, Firmware, And Information Integrity \| Automated Response To Integrity Violations - Restart XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system automatically restarts the information systemwhen integrity violations are discovered.	1.0
Software, Firmware, And Information Integrity \| Automated Response To Integrity Violations - Safeguards XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system automatically implements organization-defined security safeguards when integrity violations are discovered.	1.0
Software, Firmware, And Information Integrity \| Automated Response To Integrity Violations - Shutdown XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system automatically shuts the information system down when integrity violations are discovered.	1.0
Software, Firmware, And Information Integrity \| Centrally-Managed Integrity Tools XML \| JSON \| Defines conformance and assessment criteria for verifying that an organization employs centrally managed integrity verification tools.	1.0
Software, Firmware, And Information Integrity \| Code Authentication XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system implements cryptographic mechanisms to authenticate organization-defined software or firmware components prior to installation.	1.0
Software, Firmware, And Information Integrity \| Code Execution In Protected Environments XML \| JSON \| Defines conformance and assessment criteria for verifying that an organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only in confined physical or virtual machine environments and with the explicit approval of organization-defined personnel or roles.	1.0
Software, Firmware, And Information Integrity \| Confined Environments With Limited Privileges XML \| JSON \| Defines conformance and assessment criteria for verifying that an organization requires that organization-defined user-installed software execute in a confined physical or virtual machine environment with limited privileges.	1.0
Software, Firmware, And Information Integrity \| Cryptographic Protection XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system implements cryptographic mechanisms to detect unauthorized changes to software, firmware, and information.	1.0
Software, Firmware, And Information Integrity \| Exceptions for Unsupported Binary Or Machine Executable Code XML \| JSON \| Defines conformance and assessment criteria for verifying that an organization provides exceptions to requiring source code for use of binary or machine-executable code from sources with limited or no warranty only for compelling mission/operational requirements and with the approval of the authorizing official.	1.0
Software, Firmware, And Information Integrity \| Firmware Integrity Checks At Startup XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined firmware at startup.	1.0
Software, Firmware, And Information Integrity \| Firmware Integrity Checks at Transitional States XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined firmware] at organization-defined transitional states.	1.0
Software, Firmware, And Information Integrity \| Firmware Integrity Checks Based on Security Events XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined firmware upon occurrence of security-relevant events.	1.0
Software, Firmware, And Information Integrity \| Information Integrity Checks at Startup XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information at startup.	1.0
Software, Firmware, And Information Integrity \| Information Integrity Checks at Transitional States XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information at organization-defined transitional states.	1.0
Software, Firmware, And Information Integrity \| Information Integrity Checks Based on Security Events XML \| JSON \| Defines conformance and assessment criteria for verifying that an information system performs an integrity check of organization-defined information upon occurrence of security-relevant events.	1.0

This page is also available as JSON and XML.