AC-4(23)

  • Requirement

    When transferring information between different security domains, modify non-releasable information by implementing [Assignment: organization-defined modification action].

  • Discussion

    Modifying non-releasable information can help prevent a data spill or attack when information is transferred across security domains. Modification actions include masking, permutation, alteration, removal, or redaction.

More Info

  • Title

    Information Flow Enforcement | Modify Non-releasable Information
  • Family

    Access Control
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!