AC-03(05) Security-relevant Information
Prevent access to ac-03.05_odp except during secure, non-operable system states.
| Parameter ID | Definition |
|---|---|
| ac-03.05_odp | security-relevant information |
Baselines
- L
- M
- H
- P
Guidance
Security-relevant information is information within systems that can potentially impact the operation of security functions or the provision of security services in a manner that could result in failure to enforce system security and privacy policies or maintain the separation of code and data. Security-relevant information includes access control lists, filtering rules for routers or firewalls, configuration parameters for security services, and cryptographic key management information. Secure, non-operable system states include the times in which systems are not performing mission or business-related processing, such as when the system is offline for maintenance, boot-up, troubleshooting, or shut down.
Related controls 2
- CM-06 Configuration Settings L M H P
- SC-39 Process Isolation L M H P