Access Control - ✔✔Limit system access to authorized users, processes acting on behalf of authorized
users, and devices (including other systems).
Security Assessment - ✔✔Develop, document, and periodically update system security plans (SSP) that
describe system boundaries, system environments of operation, how security requirements are
implemented, and the relationships with or connections to other systems.
Access Control - ✔✔Control the flow of CUI in accordance with approved authorizations.
Access Control - ✔✔Separate the duties of individuals to reduce the risk of malevolent activity without
collusion.
Access Control - ✔✔Use non-privileged accounts or roles when accessing non-security functions.
Access Control - ✔✔Prevent non-privileged users from executing privileged functions and capture the
execution of such functions in audit logs.
Access Control - ✔✔Limit unsuccessful logon attempts.
Access Control - ✔✔Limit system access to the types of transactions and functions that authorized users
are permitted to execute.
Access Control - ✔✔Provide privacy and security notices consistent with applicable CUI rules.
Access Control - ✔✔Use session lock with pattern-hiding displays to prevent access and viewing of data
after a period of inactivity.
Access Control - ✔✔Terminate (automatically) a user session after a defined condition.
, Access Control - ✔✔Route remote access via managed access control points.
Access Control - ✔✔Authorize remote execution of privileged commands and remote access to security-
relevant information.
Access Control - ✔✔Verify and control/limit connections to and use of external systems.
Access Control - ✔✔Limit use of portable storage devices on external systems.
Access Control - ✔✔Control CUI posted or processed on publicly accessible systems.
Awareness and Training - ✔✔Provide security awareness training on recognizing and reporting potential
indicators of insider threat.
Audit And Accountabilty - ✔✔Review and update logged events.
Audit And Accountabilty - ✔✔Alert in the event of an audit logging process failure.
Audit And Accountabilty - ✔✔Provide audit record reduction and report generation to support on-
demand analysis and reporting.
Access Control - ✔✔Employ the principle of least privilege, including for specific security functions and
privileged accounts.
Audit And Accountabilty - ✔✔Provide a system capability that compares and synchronizes internal
system clocks with an authoritative source to generate time stamps for audit records.
Audit And Accountabilty - ✔✔Protect audit information and audit logging tools from unauthorized
access, modification, and deletion.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller VasilyKichigin. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.48. You're not tied to anything after your purchase.