800-53|SI-10(3)

Title

PREDICTABLE BEHAVIOR

Description

The information system behaves in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.

Supplemental

A common vulnerability in organizational information systems is unpredictable behavior when invalid inputs are received. This control enhancement ensures that there is predictable behavior in the face of invalid inputs by specifying information system responses that facilitate transitioning the system to known states without adverse, unintended side effects.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: INFORMATION INPUT VALIDATION

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.8.1.2 Ensure 'Custom Markup Warning' is set to EnabledWindowsCIS Microsoft Office Word 2013 v1.1.0
1.8.1.2 Ensure 'Custom Markup Warning' is set to EnabledWindowsCIS Microsoft Office Word 2016 v1.1.0
10.19 Setting Security Lifecycle Listener (check for config component)UnixCIS Apache Tomcat 7 L1 v1.1.0
10.19 Setting Security Lifecycle Listener (check for config component)UnixCIS Apache Tomcat 7 L1 v1.1.0 Middleware
Big Sur - Must behave in predictable and documented mannerUnixNIST macOS Big Sur v1.4.0 - All Profiles
BIND-9X-001060 - A BIND 9.x caching name server must implement DNSSEC validation to check all DNS queries for invalid input.UnixDISA BIND 9.x STIG v2r3
Catalina - Must behave in predictable and documented mannerUnixNIST macOS Catalina v1.5.0 - All Profiles
CD12-00-003700 - When invalid inputs are received, PostgreSQL must behave in a predictable and documented manner that reflects organizational and system objectives.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
DB2X-00-009300 - When invalid inputs are received, DB2 must behave in a predictable and documented manner that reflects organizational and system objectives.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker pathsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker servicesUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
EP11-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Advanced Firewall Manager STIG v2r1
F5BI-AP-000229 - The BIG-IP APM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Access Policy Manager STIG v2r3
F5BI-AS-000229 - The BIG-IP ASM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-LT-000229 - The BIG-IP Core implementation must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
MADB-10-009100 - When invalid inputs are received, MariaDB must behave in a predictable and documented manner that reflects organizational and system objectives.MySQLDBDISA MariaDB Enterprise 10.x v2r2 DB
MD3X-00-000780 - When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives.MongoDBDISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB
MD4X-00-006200 - When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives.MongoDBDISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB
MD7X-00-009000 When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives.MongoDBDISA MongoDB Enterprise Advanced 7.x STIG v1r1
Monterey - Must behave in predictable and documented mannerUnixNIST macOS Monterey v1.0.0 - All Profiles
MYS8-00-012500 - When invalid inputs are received, the MySQL Database Server 8.0 must behave in a predictable and documented manner that reflects organizational and system objectives.MySQLDBDISA Oracle MySQL 8.0 v2r2 DB
PGS9-00-003700 - When invalid inputs are received, PostgreSQL must behave in a predictable and documented manner that reflects organizational and system objectives.PostgreSQLDBDISA STIG PostgreSQL 9.x on RHEL DB v2r5
PPS9-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives.PostgreSQLDBEDB PostgreSQL Advanced Server DB Audit v2r3
SQL4-00-035200 - When invalid inputs are received, SQL Server must behave in a predictable and documented manner that reflects organizational and system objectives.MS_SQLDBDISA STIG SQL Server 2014 Database Audit v1r7
VCPG-67-000024 - VMware Postgres must set client-side character encoding to UTF-8.UnixDISA STIG VMware vSphere 6.7 PostgreSQL v1r2
WDNS-SI-000002 - The Windows 2012 DNS Server must follow procedures to re-role a secondary name server as the master name server should the master name server permanently lose functionality.WindowsDISA Microsoft Windows 2012 Server DNS STIG v2r7