|
controlSC-12
Cryptographic Key Establishment and Management (SC-12)
Establish and manage cryptographic keys when cryptography is employed within the system in accordance with the following key management requirements: [organization-defined].
Security Baselines
LOWMODERATEHIGH
communicationsencryptionboundary-protectionnetwork
Why These Connect
Baselined In3
This control is included in the linked security baseline (LOW, MODERATE, or HIGH).
Supports41
These related controls work together — a change to one may affect the others.
Mitigates1
This control helps defend against or reduce the risk of the linked threat technique.
Enhances6
These enhancements add specific capabilities or refinements to the base control.
Related Controls(28)
AC-2Account Management (AC-2)
LMH
AC-3Access Enforcement (AC-3)LMH
AC-17Remote Access (AC-17)LMH
AU-10Non-repudiation (AU-10)H
CM-14Signed Components (CM-14)CP-9System Backup (CP-9)LMH
IA-5Authenticator Management (IA-5)LMH
IA-7Cryptographic Module Authentication (IA-7)LMH
MP-2Media Access (MP-2)LMH
MP-4Media Storage (MP-4)MH
MP-5Media Transport (MP-5)MH
SC-11Trusted Path (SC-11)AU-9Protection of Audit Information (AU-9)LMH
CM-3Configuration Change Control (CM-3)MH
IA-3Device Identification and Authentication (IA-3)MH
IA-13Identity Providers and Authorization Servers (IA-13)SA-4Acquisition Process (SA-4)LMH
SA-8Security and Privacy Engineering Principles (SA-8)LMH
SA-9External System Services (SA-9)LMH
SC-8Transmission Confidentiality and Integrity (SC-8)MH
SC-13Cryptographic Protection (SC-13)LMH
SC-17Public Key Infrastructure Certificates (SC-17)MH
SC-20Secure Name/Address Resolution Service (Authoritative Source) (SC-20)LMH
SC-37Out-of-band Channels (SC-37)SC-40Wireless Link Protection (SC-40)SI-3Malicious Code Protection (SI-3)LMH
SI-7Software, Firmware, and Information Integrity (SI-7)MH
SC-28Protection of Information at Rest (SC-28)MH