Trustmark Definitions (3301-3325 of 3325)

Trustmark Definition Name Version
Addresses the requirement for PKI certificate authorities to issue X.509 version 1 or version 2 certificate revocation lists.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for reporting of suspected security weaknesses as related to overall incident response requirements.
1.1
Defines conformance and assessment criteria for verifying that all personnel screening requirements for accessing CJI are met.
1.2
Defines conformance and assessment criteria for verifying that an organization employs malicious code protection or runs a MDM system that facilitates the ability to provide anti-malware services from the agency level
1.0
Defines conformance and assessment criteria for verifying that an organization meets the Advanced Authentication requirements of the CJIS Security Policy.
1.1
Defines conformance and assessment criteria for verifying that Local Agency Security Officers receive enhanced security training.
1.0
Defines conformance and assessment criteria for verifying that an organization employs malicious code protection or runs a MDM system that facilitates the ability to provide anti-malware services from the agency level
1.1
Defines conformance and assessment criteria for verifying that an organization verifies any cloud provider it uses to store CJI stores that data exclusively wthin APB member jurisdictions.
1.0
Defines conformance and assessment criteria for verifying that an organization requires that remote administrative personnel are authenticated prior to remote access sessions via an Advanced Authentication (AA) solution.
1.1
Defines conformance and assessment criteria for verifying that an organization is able to determine the location of all agency owned devices.
1.0
Defines conformance and assessement criteria for the training provided to Local Agency Security Officers as to audit findings.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that mobile devices that can be configured as hotspots are configured appropriately.
1.0
Defines conformance and assessment criteria for verifying that an organization requires all mobile devices to be patched prior to accessing CJI.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that all non-essential management protocols on its wireless access points are disabled.
1.1
Defines conformance and assessment criteria for verifying that Terminal Agency Coordinators have been designated for those with devices accessing CJIS systems.
1.1
Defines conformance and assessment criteria for verifying that an organization employs compensating controls to meet advanced authentication requirements.
1.1
Defines conformance and assessement criteria for the training provided to Local Agency Security Officers as to roles and responsibilities.
1.0
Defines conformance and assessment criteria for compliance with one-time password requirements defined by CJIS Security Policy.
1.0
Defines conformance and assessment criteria for compliance with facsimile transmission security requirements.
1.0
Defines conformance and assessement criteria for the training provided to Local Agency Security Officers as to policy changes.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that all non-essential management protocols on its wireless access points are disabled.
1.0
Defines conformance and assessment criteria for verifying that an organization ensures that cellular devices use advanced authentication when required.
1.2
Defines conformance and assessment criteria for verifying that an organization ensures that mobile devices that are authorized for use outside the U.S. are configured in compliance with its policies.
1.1
Defines conformance and assessment criteria for verifying that an organization will automatically wipe mobile devices after a certain amount of failed access attempts.
1.0
Defines conformance and assessment criteria for verifying that an organization prohibits cloud providers from using metadata derived from senitive information for advertising or any commercial purpose.
1.0
This page is also available as JSON and XML.