N
|
controlSC-28

Protection of Information at Rest (SC-28)

Protect the [organization-defined] of the following information at rest: [organization-defined].

Security Baselines

MODERATEHIGHLOW
communicationsencryptionboundary-protectionnetwork

Why These Connect

Baselined In2

This control is included in the linked security baseline (LOW, MODERATE, or HIGH).

Supports30

These related controls work together — a change to one may affect the others.

Mitigates2

This control helps defend against or reduce the risk of the linked threat technique.

Enhances3

These enhancements add specific capabilities or refinements to the base control.

Related Controls(20)

AC-3Access Enforcement (AC-3)
LMH
CM-3Configuration Change Control (CM-3)
MH
CM-5Access Restrictions for Change (CM-5)
LMH
CM-6Configuration Settings (CM-6)
LMH
CM-12Information Location (CM-12)
MH
MP-4Media Storage (MP-4)
MH
MP-5Media Transport (MP-5)
MH
PE-3Physical Access Control (PE-3)
LMH
SC-8Transmission Confidentiality and Integrity (SC-8)
MH
SC-13Cryptographic Protection (SC-13)
LMH
AC-4Information Flow Enforcement (AC-4)
MH
AC-6Least Privilege (AC-6)
MH
AC-19Access Control for Mobile Devices (AC-19)
LMH
CA-7Continuous Monitoring (CA-7)
LMH
CP-9System Backup (CP-9)
LMH
SC-12Cryptographic Key Establishment and Management (SC-12)
LMH
SC-34Non-modifiable Executable Programs (SC-34)SI-3Malicious Code Protection (SI-3)
LMH
SI-7Software, Firmware, and Information Integrity (SI-7)
MH
SI-16Memory Protection (SI-16)
MH

Threat Coverage(2 ATT&CK techniques)

T1528Steal Application Access TokenT1005Data from Local System

Control Enhancements(3)

SC-28(1)Cryptographic Protection (SC-28(1))
MH
SC-28(2)Offline Storage (SC-28(2))
SC-28(3)Cryptographic Keys (SC-28(3))

See Also

@SP 800-53 OverviewCompare Baselines