2.0
Level 2 Description: Cryptographically-protected passwords use salted one-way cryptographic hashes of passwords. See [NIST CRYPTO]. Priority: High...
Wed, 19 Jul, 2023 at 4:41 AM
Level 2 Description: The feedback from systems does not provide any information that would allow unauthorized individuals to compromise authentication ...
Wed, 19 Jul, 2023 at 4:53 AM
Level 2 Description: Organizations recognize that incident handling capability is dependent on the capabilities of organizational systems and the miss...
Mon, 24 Jul, 2023 at 6:33 AM
Level 2 Description: In contrast to requirement 3.8., which restricts user access to media, this requirement restricts the use of certain types of media...
Mon, 24 Jul, 2023 at 7:27 AM
Level 2 Description: Requiring identifiable owners (e.g., individuals, organizations, or projects) for portable storage devices reduces the overall ris...
Mon, 24 Jul, 2023 at 7:43 AM
Level 2 Description: Organizations can employ cryptographic mechanisms or alternative physical controls to protect the confidentiality of backup inform...
Mon, 24 Jul, 2023 at 7:55 AM
Description: Personnel security screening (vetting) activities involve the evaluation/assessment of individual’s conduct, integrity, judgment, loyalty, ...
Mon, 24 Jul, 2023 at 8:04 AM
Level 2 Description: Protecting CUI during and after personnel actions may include returning system-related property and conducting exit interviews. Sy...
Mon, 24 Jul, 2023 at 8:14 AM
Level 1 Description: This requirement applies to employees, individuals with permanent physical access authorization credentials, and visitors. Authori...
Mon, 24 Jul, 2023 at 8:24 AM
Level 1 Description: Individuals with permanent physical access authorization credentials are not considered visitors. Audit logs can be used to monito...
Mon, 24 Jul, 2023 at 8:38 AM