NIST SP 800-53 r4 - Security Control Family: System and Communications Protection - Controls for HIGH Impact Systems, v4
Profile of requirements corresponding to all HIGH impact security controls in NIST Special Publication 800-53, r4, under the control family of System and Communications Protection.
| Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-system-and-communications-protection---controls-for-high-impact-systems/4/ | ||||
| Publication Date | 2021-04-26 | ||||
| Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
| Keywords | 800-53, Communications Protection, NIST, Security, System, High | ||||
| Legal Notice | This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TIP_NISTSP80053r4SecurityControlFamilySystemandCommunicationsProtectionControlsforMODERATEImpactSystems and TIP_NISTSP80053r4SecurityControlSC1SystemandCommunicationsProtectionPolicyandProcedures and TIP_NISTSP80053r4SecurityControlSC2ApplicationPartitioning and TIP_NISTSP80053r4SecurityControlSC3SecurityFunctionIsolation and TIP_NISTSP80053r4SecurityControlSC4InformationinSharedResources and TIP_NISTSP80053r4SecurityControlSC5DenialofServiceProtection and TIP_NISTSP80053r4SecurityControlSC7BoundaryProtection and TIP_NISTSP80053r4SecurityControlSC73AccessPoints and TIP_NISTSP80053r4SecurityControlSC74ExternalTelecommunicationsServices and TIP_NISTSP80053r4SecurityControlSC75DenybyDefaultAllowbyException and TIP_NISTSP80053r4SecurityControlSC77PreventSplitTunnelingforRemoteDevices and TIP_NISTSP80053r4SecurityControlSC78RouteTraffictoAuthenticatedProxyServers and TIP_NISTSP80053r4SecurityControlSC718FailSecure and TIP_NISTSP80053r4SecurityControlSC721IsolationofInformationSystemComponents and TIP_NISTSP80053r4SecurityControlSC8TransmissionConfidentialityandIntegrity and TIP_NISTSP80053r4SecurityControlSC81CryptographicorAlternatePhysicalProtection and TIP_NISTSP80053r4SecurityControlSC10NetworkDisconnect and TIP_NISTSP80053r4SecurityControlSC12CryptographicKeyEstablishmentandManagement and TIP_NISTSP80053r4SecurityControlSC121Availability and TIP_NISTSP80053r4SecurityControlSC13CryptographicProtection and TIP_NISTSP80053r4SecurityControlSC15CollaborativeComputingDevices and TIP_NISTSP80053r4SecurityControlSC17PublicKeyInfrastructureCertificates and TIP_NISTSP80053r4SecurityControlSC18MobileCode and TIP_NISTSP80053r4SecurityControlSC19VoiceOverInternetProtocol and TIP_NISTSP80053r4SecurityControlSC20SecureNameAddressResolutionServiceAuthoritativeSource and TIP_NISTSP80053r4SecurityControlSC21SecureNameAddressResolutionServiceRecursiveorCachingResolver and TIP_NISTSP80053r4SecurityControlSC22ArchitectureandProvisioningforNameAddressResolutionService and TIP_NISTSP80053r4SecurityControlSC23SessionAuthenticity and TIP_NISTSP80053r4SecurityControlSC24FailinKnownState and TIP_NISTSP80053r4SecurityControlSC28ProtectionofInformationatRest and TIP_NISTSP80053r4SecurityControlSC39ProcessIsolation
References (31)
| TIP NIST SP 800-53 r4 - Security Control Family: System and Communications Protection - Controls for MODERATE Impact Systems, v4 | |
|---|---|
| Description | Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of System and Communications Protection. |
| ID | TIP_NISTSP80053r4SecurityControlFamilySystemandCommunicationsProtectionControlsforMODERATEImpactSystems |
| TIP NIST SP 800-53 r4 Security Control SC-1: System and Communications Protection Policy and Procedures, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-1: System and Communications Protection Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC1SystemandCommunicationsProtectionPolicyandProcedures |
| TIP NIST SP 800-53 r4 Security Control SC-2: Application Partitioning, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-2: Application Partitioning. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC2ApplicationPartitioning |
| TIP NIST SP 800-53 r4 Security Control SC-3: Security Function Isolation, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-3: Security Function Isolation. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC3SecurityFunctionIsolation |
| TIP NIST SP 800-53 r4 Security Control SC-4: Information in Shared Resources, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-4: Information in Shared Resources. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC4InformationinSharedResources |
| TIP NIST SP 800-53 r4 Security Control SC-5: Denial of Service Protection, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-5: Denial of Service Protection. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC5DenialofServiceProtection |
| TIP NIST SP 800-53 r4 Security Control SC-7: Boundary Protection, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7: Boundary Protection. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC7BoundaryProtection |
| TIP NIST SP 800-53 r4 Security Control SC-7 (3): Access Points, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (3): Access Points. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC73AccessPoints |
| TIP NIST SP 800-53 r4 Security Control SC-7 (4): External Telecommunications Services, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (4): External Telecommunications Services. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC74ExternalTelecommunicationsServices |
| TIP NIST SP 800-53 r4 Security Control SC-7 (5): Deny by Default / Allow by Exception, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (5): Deny by Default / Allow by Exception. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC75DenybyDefaultAllowbyException |
| TIP NIST SP 800-53 r4 Security Control SC-7 (7): Prevent Split Tunneling for Remote Devices, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (7): Prevent Split Tunneling for Remote Devices. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC77PreventSplitTunnelingforRemoteDevices |
| TIP NIST SP 800-53 r4 Security Control SC-7 (8): Route Traffic to Authenticated Proxy Servers, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (8): Route Traffic to Authenticated Proxy Servers. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC78RouteTraffictoAuthenticatedProxyServers |
| TIP NIST SP 800-53 r4 Security Control SC-7 (18): Fail Secure, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (18): Fail Secure. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC718FailSecure |
| TIP NIST SP 800-53 r4 Security Control SC-7 (21): Isolation of Information System Components, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-7 (21): Isolation of Information System Components. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC721IsolationofInformationSystemComponents |
| TIP NIST SP 800-53 r4 Security Control SC-8: Transmission Confidentiality and Integrity, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-8: Transmission Confidentiality and Integrity. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC8TransmissionConfidentialityandIntegrity |
| TIP NIST SP 800-53 r4 Security Control SC-8 (1): Cryptographic or Alternate Physical Protection, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-8 (1): Cryptographic or Alternate Physical Protection. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC81CryptographicorAlternatePhysicalProtection |
| TIP NIST SP 800-53 r4 Security Control SC-10: Network Disconnect, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-10: Network Disconnect. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC10NetworkDisconnect |
| TIP NIST SP 800-53 r4 Security Control SC-12: Cryptographic Key Establishment and Management, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-12: Cryptographic Key Establishment and Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC12CryptographicKeyEstablishmentandManagement |
| TIP NIST SP 800-53 r4 Security Control SC-12 (1): Availability, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-12 (1): Availability. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC121Availability |
| TIP NIST SP 800-53 r4 Security Control SC-13: Cryptographic Protection, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-13: Cryptographic Protection. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC13CryptographicProtection |
| TIP NIST SP 800-53 r4 Security Control SC-15: Collaborative Computing Devices, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-15: Collaborative Computing Devices. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC15CollaborativeComputingDevices |
| TIP NIST SP 800-53 r4 Security Control SC-17: Public Key Infrastructure Certificates, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-17: Public Key Infrastructure Certificates. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC17PublicKeyInfrastructureCertificates |
| TIP NIST SP 800-53 r4 Security Control SC-18: Mobile Code, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-18: Mobile Code. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC18MobileCode |
| TIP NIST SP 800-53 r4 Security Control SC-19: Voice Over Internet Protocol, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-19: Voice Over Internet Protocol. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC19VoiceOverInternetProtocol |
| TIP NIST SP 800-53 r4 Security Control SC-20: Secure Name / Address Resolution Service (Authoritative Source), v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-20: Secure Name / Address Resolution Service (Authoritative Source). Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC20SecureNameAddressResolutionServiceAuthoritativeSource |
| TIP NIST SP 800-53 r4 Security Control SC-21: Secure Name / Address Resolution Service (Recursive or Caching Resolver), v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-21: Secure Name / Address Resolution Service (Recursive or Caching Resolver). Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC21SecureNameAddressResolutionServiceRecursiveorCachingResolver |
| TIP NIST SP 800-53 r4 Security Control SC-22: Architecture and Provisioning for Name / Address Resolution Service, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-22: Architecture and Provisioning for Name / Address Resolution Service. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC22ArchitectureandProvisioningforNameAddressResolutionService |
| TIP NIST SP 800-53 r4 Security Control SC-23: Session Authenticity, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-23: Session Authenticity. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC23SessionAuthenticity |
| TIP NIST SP 800-53 r4 Security Control SC-24: Fail in Known State, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-24: Fail in Known State. Applicable to HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC24FailinKnownState |
| TIP NIST SP 800-53 r4 Security Control SC-28: Protection of Information at Rest, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-28: Protection of Information at Rest. Applicable to MODERATE impact and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC28ProtectionofInformationatRest |
| TIP NIST SP 800-53 r4 Security Control SC-39: Process Isolation, v4 | |
|---|---|
| Description | Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SC-39: Process Isolation. Applicable to LOW impact, MODERATE impact, and HIGH impact systems. |
| ID | TIP_NISTSP80053r4SecurityControlSC39ProcessIsolation |
Sources (1)
| SP800-53R4 | NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4. |