Retired controls and control enhancements

From SecWiki
| Identifier | Name | Incorporated into |
|---|---|---|
| AC-3 (1) | Restricted access to privileged functions | AC-6 |
| AC-3 (6) | Protection of user and system information | MP-4, SC-28 |
| AC-4 (16) | Information transfers on interconnected systems | AC-4 |
| AC-7 (1) | Automatic account lock | AC-7 |
| AC-13 | Supervision and review - access control | AC-2, AU-6 |
| AC-14 (1) | Necessary uses | AC-14 |
| AC-15 | Automated marking | MP-3 |
| AC-17 (5) | Monitoring for unauthorized connections | SI-4 |
| AC-17 (7) | Additional protection for security function access | AC-3 (10) |
| AC-17 (8) | Disable nonsecure network protocols | CM-7 |
| AC-18 (2) | Monitoring unauthorized connections | SI-4 |
| AC-19 (1) | Use of writable / portable storage devices | MP-7 |
| AC-19 (2) | Use of personally owned portable storage devices | MP-7 |
| AC-19 (3) | Use of portable storage devices with no identifiable owner | MP-7 |
| AT-5 | Contacts with security groups and associations | PM-15 |
| AU-2 (1) | Compilation of audit records from multiple sources | AU-12 |
| AU-2 (2) | Selection of audit events by component | AU-12 |
| AU-2 (4) | Privileged functions | AC-6 (9) |
| AU-6 (2) | Automated security alerts | SI-4 |
| AU-10 (5) | Digital signatures | SI-7 |
| CA-4 | Security certification | CA-2 |
| CA-7 (2) | Types of assessments | CA-2 |
| CM-2 (4) | Unauthorized software | CM-7 |
| CM-2 (5) | Authorized software | CM-7 |
| CM-5 (7) | Automatic implementation of security safeguards | SI-7 |
| CM-6 (3) | Unauthorized change detection | SI-7 |
| CM-6 (4) | Conformance demonstration | CM-4 |
| CP-5 | Contingency plan update | CP-2 |
| CP-7 (5) | Equivalent information security safeguards | CP-7 |
| CP-9 (4) | Protection from unauthorized modification | CP-9 |
| CP-10 (1) | Contingency plan testing | CP-4 |
| CP-10 (3) | Compensating security controls | Chapter 3 |
| CP-10 (5) | Failover capability | SI-13 |
| IA-3 (2) | Cryptographic bidirectional network authentication | IA-3 (1) |
| MA-2 (1) | Record content | MA-2 |
| MP-2 (1) | Automated restricted access | MP-4 (2) |
| MP-2 (2) | Cryptographic protection | SC-28 (1) |
| MP-4 (1) | Cryptographic protection | SC-28 (1) |
| MP-5 (1) | Protection outside of controlled areas | MP-5 |
| MP-5 (2) | Documentation of activities | MP-5 |
| MP-6 (4) | Controlled unclassified information | MP-6 |
| MP-6 (5) | Classified information | MP-6 |
| MP-6 (6) | Media destruction | MP-6 |
| PE-7 | Visitor control | PE-2, PE-3 |
| PE-8 (2) | Physical access records | PE-2 |
| PE-10 (1) | Accidental / unauthorized activation | PE-10 |
| PL-2 (1) | Concept of operations | PL-7 |
| PL-2 (2) | Functional architecture | PL-8 |
| PL-3 | System security plan update | PL-2 |
| PL-5 | Privacy impact assessment | Appendix J, AR-2 |
| PL-6 | Security-related activity planning | PL-2 |
| PS-6 (1) | Information requiring special protection | PS-3 |
| RA-4 | Risk assessment update | RA-3 |
| RA-5 (7) | Automated detection and notification of unauthorized components | CM-8 |
| RA-5 (9) | Penetration testing and analyses | CA-8 |
| SA-4 (4) | Assignment of components to systems | CM-8 (9) |
| SA-5 (1) | Functional properties of security controls | SA-4 (1) |
| SA-5 (2) | Security-relevant external system interfaces | SA-4 (2) |
| SA-5 (3) | High-level design | SA-4 (2) |
| SA-5 (4) | Low-level design | SA-4 (2) |
| SA-5 (5) | Source code | SA-4 (2) |
| SA-6 | Software usage restrictions | CM-10, SI-7 |
| SA-7 | User-installed software | CM-11, SI-7 |
| SA-12 (3) | Trusted shipping and warehousing | SA-12 (1) |
| SA-12 (4) | Diversity of suppliers | SA-12 (13) |
| SA-12 (6) | Minimizing procurement time | SA-12 (1) |
| SA-14 (1) | Critical components with no viable alternative sourcing | SA-20 |
| SC-4 (1) | Security levels | SC-4 |
| SC-7 (1) | Physically separated subnetworks | SC-7 |
| SC-7 (2) | Public access | SC-7 |
| SC-7 (6) | Response to recognized failures | SC-7 (18) |
| SC-9 | Transmission confidentiality | SC-8 |
| SC-12 (4) | PKI certificates | SC-12 |
| SC-12 (5) | PKI certificates / hardware tokens | SC-12 |
| SC-13 (1) | FIPS-validated cryptography | SC-13 |
| SC-13 (2) | NSA-approved cryptography | SC-13 |
| SC-13 (3) | Individuals without formal access approvals | SC-13 |
| SC-13 (4) | Digital signatures | SC-13 |
| SC-14 | Public access protections | AC-2, AC-3, AC-5, AC-6, SI-3, SI-4, SI-5, SI-7, SI-10 |
| SC-15 (2) | Blocking inbound / outbound communications traffic | SC-7 |
| SC-20 (1) | Child subspaces | SC-20 |
| SC-21 (1) | Data origin / integrity | SC-21 |
| SC-23 (2) | User-initiated logouts / message displays | AC-12 (1) |
| SC-23 (4) | Unique session identifiers with randomization | SC-23 (3) |
| SC-26 (1) | Detection of malicious code | SC-35 |
| SC-30 (1) | Virtualization techniques | SC-29 (1) |
| SC-33 | Transmission preparation integrity | SC-8 |
| SI-2 (4) | Automated patch management tools | SI-2 |
| SI-3 (3) | Non-privileged users | AC-6 (10) |
| SI-3 (5) | Portable storage devices | MP-7 |
| SI-4 (6) | Restrict non-privileged users | AC-6 (10) |
| SI-4 (8) | Protection of monitoring information | SI-4 |
| SI-6 (1) | Notification of failed security tests | SI-6 |
| SI-7 (4) | Tamper-evident packaging | SA-12 |
| SI-9 | Information input restrictions | AC-2, AC-3, AC-5, AC-6 |
| SI-13 (2) | Time limit on process execution without supervision | SI-7 (16) |