800-53|MP-6

Title

MEDIA SANITIZATION

Description

The organization:

Supplemental

This control applies to all information system media, both digital and non-digital, subject to disposal or reuse, whether or not the media is considered removable. Examples include media found in scanners, copiers, printers, notebook computers, workstations, network components, and mobile devices. The sanitization process removes information from the media such that the information cannot be retrieved or reconstructed. Sanitization techniques, including clearing, purging, cryptographic erase, and destruction, prevent the disclosure of information to unauthorized individuals when such media is reused or released for disposal. Organizations determine the appropriate sanitization methods recognizing that destruction is sometimes necessary when other methods cannot be applied to media requiring sanitization. Organizations use discretion on the employment of approved sanitization techniques and procedures for media containing information deemed to be in the public domain or publicly releasable, or deemed to have no adverse impact on organizations or individuals if released for reuse or disposal. Sanitization of non-digital media includes, for example, removing a classified appendix from an otherwise unclassified document, or redacting selected sections or words from a document by obscuring the redacted sections/words in a manner equivalent in effectiveness to removing them from the document. NSA standards and policies control the sanitization process for media containing classified information.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: MA-2,MA-4,RA-3,SC-4

Category: MEDIA PROTECTION

Family: MEDIA PROTECTION

Priority: P1

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.28 Ensure 'Enable automatic HTTPS upgrades' Is Enabled	Windows	CIS Google Chrome L1 v3.0.0
4.4.1 Ensure 'disableXPoweredBy' is set to 'true'	Unix	CIS IBM WebSphere Liberty v1.0.0 L1
4.4.21 Ensure 'default-error-page' is set for web applications	Unix	CIS IBM WebSphere Liberty v1.0.0 L1
6.4 Ensure 'log-raw' is Set to 'OFF'	Unix	CIS MySQL 8.0 Community Linux OS L1 v1.0.0
6.4 Ensure 'log-raw' is Set to 'OFF'	Unix	CIS MySQL 8.0 Enterprise Linux OS L1 v1.3.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - /etc/my.cnf	Unix	CIS MySQL 5.6 Community Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - /etc/my.cnf	Unix	CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/my.cnf	Unix	CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/my.cnf	Unix	CIS MySQL 5.7 Community Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - /etc/mysql/my.cnf	Unix	CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - /etc/mysql/my.cnf	Unix	CIS MySQL 5.6 Community Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/mysql/my.cnf	Unix	CIS MySQL 5.7 Community Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/mysql/my.cnf	Unix	CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.cnf	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.cnf	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.ini Exists	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.ini Exists	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %WINDIR%\my.cnf	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %WINDIR%\my.cnf	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %WINDIR%\my.cnf	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %WINDIR%\my.cnf	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %WINDIR%\my.ini	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - %WINDIR%\my.ini	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %WINDIR%\my.ini	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - %WINDIR%\my.ini	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - C:\my.cnf	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - C:\my.cnf	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - C:\my.cnf	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - C:\my.cnf	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - C:\my.ini	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - C:\my.ini	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - C:\my.ini	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - C:\my.ini	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - MYSQL_INSTALL\my.cnf	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - MYSQL_INSTALL\my.cnf	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - MYSQL_INSTALL\my.cnf	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - MYSQL_INSTALL\my.cnf	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - MYSQL_INSTALL\my.ini	Windows	CIS MySQL 5.6 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - MYSQL_INSTALL\my.ini	Windows	CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - MYSQL_INSTALL\my.ini	Windows	CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' is Set to 'OFF' - MYSQL_INSTALL\my.ini	Windows	CIS MySQL 5.7 Community Windows OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - SYSCONFDIR/my.cnf	Unix	CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - SYSCONFDIR/my.cnf	Unix	CIS MySQL 5.6 Community Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - SYSCONFDIRmy.cnf	Unix	CIS MySQL 5.6 Community Linux OS L1 v2.0.0
6.4 Ensure 'log-raw' Is Set to 'OFF' - SYSCONFDIRmy.cnf	Unix	CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
10.3 Ensure 'enableWelcomePage' is set to 'false'	Unix	CIS IBM WebSphere Liberty v1.0.0 L1

Detections

Analytics