| Domain | Subdomain |
|---|---|
| D.1 Access Control | D.1.2 Account Management |
| | D.1.3 Access Enforcement |
| | D.1.5 Separation of Duties |
| | D.1.6 Least Privilege |
| | D.1.7 Unsuccessful Login Attempts |
| | D.1.8 System Use Notification |
| | D.1.10 Concurrent Session Control |
| | D.1.11 Session Lock |
| | D.1.17 Remote Access |
| | D.1.18 Wireless Access |
| | D.1.19 Access Control for Mobile Devices |
| | D.1.22 Publicly Accessible Content |
| D.2 Awareness and Training | D.2.2 Security Awareness |
| | D.2.3 Security Training |
| D.3 Audit and Accountability | D.3.2 Auditable Events |
| | D.3.3 Response to Audit Processing Failures |
| | D.3.4 Audit Reduction and Report Generation |
| | D.3.5 Audit Generation |
| D.4 Security Assessment and Authorization | D.4.2 Security Assessments |
| | D.4.7 Continuous Monitoring |
| D.5 Configuration Management | D.5.3 Configuration Change Control |
| | D.5.4 Security Impact Analysis |
| | D.5.5 Access Restrictions for Change |
| | D.5.6 Configuration Settings |
| | D.5.7 Least Functionality |
| D.6 Contingency Planning | D.6.2 Contingency Plan |
| | D.6.4 Contingency Plan Testing and Exercises |
| | D.6.10 Information System Recovery and Reconstitution |
| D.7 Identification and Authentication | D.7.2 Identification and Authentication (Organizational Users) |
| | D.7.3 Device Identification and Authentication |
| | D.7.4 Identifier Management |
| | D.7.5 Authenticator Management |
| | D.7.7 Cryptographic Module Authentication |
| D.8 Incident Response | D.8.6 Incident Reporting |
| D.9 Maintenance | D.9.4 Non-Local Maintenance |
| D.10 Media Protection | D.10.5 Media Transport |
| D.11 Physical and Environmental Protection | D.11.3 Physical Access Control |
| D.12 Planning | D.12.2 System Security Plan |
| D.14 Risk Assessment | D.14.2 System Categorization |
| | D.14.3 Risk Assessment |
| | D.14.5 Vulnerability Scanning |
| D.15 System and Services Acquisition | D.15.4 Acquisitions |
| | D.15.8 Security Engineering Principles |
| D.16 System and Communications Protection | D.16.2 Application Partitioning |
| | D.16.3 Security Function Isolation |
| | D.16.7 Boundary Protection |
| | D.16.8 Transmission Integrity |
| | D.16.9 Transmission Confidentiality |
| | D.16.10 Network Disconnect |
| | D.16.12 Cryptographic Key Establishment and Management |
| | D.16.13 Use of Cryptography |
| | D.16.14 Public Access Protections |
| | D.16.15 Collaborative Computing Devices |
| | D.16.19 Voice Over Internet Protocol |
| | D.16.20 Secure Name/Address Resolution Service (Authoritative Source) |
| | D.16.21 Secure Name/Address Resolution Service (Recursive or Caching Resolver) |
| | D.16.22 Architecture and Provisioning for Name/Address Resolution Service |
| | D.16.23 Session Authenticity |
| D.17 System and Information Integrity | D.17.2 Flaw Remediation |
| | D.17.3 Malicious Code Protection |
| | D.17.4 Information System Monitoring |
| | D.17.6 Security Functionality Verification |
| | D.17.7 Software and Information Integrity |
| | D.17.8 Spam Protection |