800-53|SC-16

Title

TRANSMISSION OF SECURITY ATTRIBUTES

Description

The information system associates [Assignment: organization-defined security attributes] with information exchanged between information systems and between system components.

Supplemental

Security attributes can be explicitly or implicitly associated with the information contained in organizational information systems or system components.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-16,AC-3,AC-4

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P0

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.4 Ensure SharePoint provides the ability to prohibit the transfer of unsanctioned information in accordance with security policy.	Windows	CIS Microsoft SharePoint 2016 OS v1.1.0
3.4 Ensure SharePoint identifies data type, specification, and usage when transferring information between different security domains so policy restrictions may be applied.	Windows	CIS Microsoft SharePoint 2019 OS v1.0.0
3.4 Ensure SharePoint identifies data type, specification, and usage when transferring information between different security domains.	Windows	CIS Microsoft SharePoint 2016 OS v1.1.0
SP13-00-000105 - SharePoint must validate the integrity of security attributes exchanged between systems.	Windows	DISA STIG SharePoint 2013 v2r3
SQL2-00-020400 - SQL Server must associate and maintain security labels when exchanging information between systems.	MS_SQLDB	DISA STIG SQL Server 2012 DB Instance Security v1r20

Detections

Analytics