SC-16(2)

Requirement

Implement anti-spoofing mechanisms to prevent adversaries from falsifying the security attributes indicating the successful application of the security process.

Discussion

Some attack vectors operate by altering the security attributes of an information system to intentionally and maliciously implement an insufficient level of security within the system. The alteration of attributes leads organizations to believe that a greater number of security functions are in place and operational than have actually been implemented.

Title

Transmission of Security and Privacy Attributes | Anti-spoofing Mechanisms
Family

System and Communications Protection
NIST 800-53B Baseline(s)

NIST 800-53A Assessment Guidance

Examine

[SELECT FROM: System and communications protection policy; procedures addressing the transmission of security and privacy attributes; access control policy and procedures; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records].

Interview

[SELECT FROM: System/network administrators; organizational personnel with information security responsibilities].

Test

[SELECT FROM: Mechanisms supporting and/or implementing anti-spoofing mechanisms].

ID	Assessment Objectives
SC-16(02)	anti-spoofing mechanisms are implemented to prevent adversaries from falsifying the security attributes indicating the successful application of the security process.

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!