800-53|SC-16

Title

TRANSMISSION OF SECURITY ATTRIBUTES

Description

The information system associates [Assignment: organization-defined security attributes] with information exchanged between information systems and between system components.

Supplemental

Security attributes can be explicitly or implicitly associated with the information contained in organizational information systems or system components.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-16,AC-3,AC-4

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P0

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.4 Ensure SharePoint provides the ability to prohibit the transfer of unsanctioned information in accordance with security policy.	Windows	CIS Microsoft SharePoint 2016 OS v1.1.0
3.4 Ensure SharePoint identifies data type, specification, and usage when transferring information between different security domains so policy restrictions may be applied.	Windows	CIS Microsoft SharePoint 2019 OS v1.0.0
3.4 Ensure SharePoint identifies data type, specification, and usage when transferring information between different security domains.	Windows	CIS Microsoft SharePoint 2016 OS v1.1.0
EC2: DescribeKeyPairs - 'Key names currently in use'	amazon_aws	Tenable AWS Best Practice Audit
IAM: GetAccountSummary - 'AccessKeysPerUserQuota < 2'	amazon_aws	Tenable AWS Best Practice Audit
IAM: GetAccountSummary - 'ServerCertificates'	amazon_aws	Tenable AWS Best Practice Audit
IAM: GetAccountSummary - 'ServerCertificatesQuota'	amazon_aws	Tenable AWS Best Practice Audit
IAM: GetAccountSummary - 'SigningCertificatesPerUserQuota'	amazon_aws	Tenable AWS Best Practice Audit
Managing Application and Administrative Access to AWS Public Cloud Services	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data at Rest on Amazon DynamoDB	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data at Rest on Amazon EMR	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data at Rest on Amazon Glacier	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data at Rest on Amazon RDS	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data at Rest on Amazon S3	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data in Transit to Amazon DynamoDB	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data in Transit to Amazon EMR	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data in Transit to Amazon RDS	amazon_aws	Tenable AWS Best Practice Audit
Protecting Data in Transit to Amazon S3	amazon_aws	Tenable AWS Best Practice Audit
SHPT-00-000010 - SharePoint must maintain security attributes to stored information - 'Custom content types - Document Library'	Windows	DISA STIG SharePoint 2010 v1r8
SHPT-00-000010 - SharePoint must maintain security attributes to stored information - 'Custom content types have been defined for Site'	Windows	DISA STIG SharePoint 2010 v1r8
SHPT-00-000165 - SharePoint must enable IRM to bind attributes to information	Windows	DISA STIG SharePoint 2010 v1r8
SP13-00-000010 - SharePoint must maintain and support the use of security attributes with stored information - 'Custom content types have been defined for Site'	Windows	DISA STIG SharePoint 2013 v1r8
SP13-00-000010 - SharePoint must maintain and support the use of security attributes with stored information - 'Custom content types have been defined for Site'	Windows	DISA STIG SharePoint 2013 v2r1
SP13-00-000010 - SharePoint must maintain and support the use of security attributes with stored information - 'Custom content types have been defined for Site'	Windows	DISA STIG SharePoint 2013 v2r2
SP13-00-000010 - SharePoint must maintain and support the use of security attributes with stored information - Document Library'	Windows	DISA STIG SharePoint 2013 v1r8
SP13-00-000010 - SharePoint must maintain and support the use of security attributes with stored information - Document Library'	Windows	DISA STIG SharePoint 2013 v2r1
SP13-00-000010 - SharePoint must maintain and support the use of security attributes with stored information - Document Library'	Windows	DISA STIG SharePoint 2013 v2r2
SP13-00-000025 - SharePoint must ensure remote sessions for accessing security functions and security-relevant information are audited.	Windows	DISA STIG SharePoint 2013 v1r8
SP13-00-000025 - SharePoint must ensure remote sessions for accessing security functions and security-relevant information are audited.	Windows	DISA STIG SharePoint 2013 v2r2
SP13-00-000025 - SharePoint must ensure remote sessions for accessing security functions and security-relevant information are audited.	Windows	DISA STIG SharePoint 2013 v2r1
SP13-00-000035 - SharePoint must identify data type, specification, and usage when transferring information between different security domains so policy restrictions may be applied.	Windows	DISA STIG SharePoint 2013 v2r1
SP13-00-000035 - SharePoint must identify data type, specification, and usage when transferring information between different security domains so policy restrictions may be applied.	Windows	DISA STIG SharePoint 2013 v2r2
SP13-00-000035 - SharePoint must identify data type, specification, and usage when transferring information between different security domains so policy restrictions may be applied.	Windows	DISA STIG SharePoint 2013 v1r8
SP13-00-000040 - SharePoint must provide the ability to prohibit the transfer of unsanctioned information in accordance with security policy.	Windows	DISA STIG SharePoint 2013 v2r1
SP13-00-000040 - SharePoint must provide the ability to prohibit the transfer of unsanctioned information in accordance with security policy.	Windows	DISA STIG SharePoint 2013 v2r2
SP13-00-000040 - SharePoint must provide the ability to prohibit the transfer of unsanctioned information in accordance with security policy.	Windows	DISA STIG SharePoint 2013 v1r8
SP13-00-000105 - SharePoint must validate the integrity of security attributes exchanged between systems.	Windows	DISA STIG SharePoint 2013 v1r8
SP13-00-000105 - SharePoint must validate the integrity of security attributes exchanged between systems.	Windows	DISA STIG SharePoint 2013 v2r1
SP13-00-000105 - SharePoint must validate the integrity of security attributes exchanged between systems.	Windows	DISA STIG SharePoint 2013 v2r2
SP13-00-000105 - SharePoint must validate the integrity of security attributes exchanged between systems.	Windows	DISA STIG SharePoint 2013 v2r3
SQL2-00-020400 - SQL Server must associate and maintain security labels when exchanging information between systems.	MS_SQLDB	DISA STIG SQL Server 2012 DB Instance Security v1r20

Detections

Analytics