|
controlSC-13
Cryptographic Protection (SC-13)
Determine the [organization-defined] ; and Implement the following types of cryptography required for each specified cryptographic use: [organization-defined].
Security Baselines
LOWMODERATEHIGH
communicationsencryptionboundary-protectionnetwork
Why These Connect
Baselined In3
This control is included in the linked security baseline (LOW, MODERATE, or HIGH).
Supports42
These related controls work together — a change to one may affect the others.
Mitigates1
This control helps defend against or reduce the risk of the linked threat technique.
Enhances4
These enhancements add specific capabilities or refinements to the base control.
Related Controls(30)
AC-2Account Management (AC-2)
LMH
AC-3Access Enforcement (AC-3)LMH
AC-17Remote Access (AC-17)LMH
AU-10Non-repudiation (AU-10)H
CM-14Signed Components (CM-14)CP-9System Backup (CP-9)LMH
IA-5Authenticator Management (IA-5)LMH
IA-7Cryptographic Module Authentication (IA-7)LMH
MP-2Media Access (MP-2)LMH
MP-4Media Storage (MP-4)MH
MP-5Media Transport (MP-5)MH
SC-12Cryptographic Key Establishment and Management (SC-12)LMH
AC-7Unsuccessful Logon Attempts (AC-7)LMH
AC-18Wireless Access (AC-18)LMH
AC-19Access Control for Mobile Devices (AC-19)LMH
AU-9Protection of Audit Information (AU-9)LMH
CM-11User-installed Software (CM-11)LMH
IA-3Device Identification and Authentication (IA-3)MH
IA-13Identity Providers and Authorization Servers (IA-13)MA-4Nonlocal Maintenance (MA-4)LMH
SA-4Acquisition Process (SA-4)LMH
SA-8Security and Privacy Engineering Principles (SA-8)LMH
SA-9External System Services (SA-9)LMH
SC-8Transmission Confidentiality and Integrity (SC-8)MH
SC-20Secure Name/Address Resolution Service (Authoritative Source) (SC-20)LMH
SC-23Session Authenticity (SC-23)MH
SC-28Protection of Information at Rest (SC-28)MH
SC-40Wireless Link Protection (SC-40)SI-3Malicious Code Protection (SI-3)LMH
SI-7Software, Firmware, and Information Integrity (SI-7)MH