Information Technology Reference
In-Depth Information
Category/
Subcategory/ 
Element
Control 
Reference
Control Summary
Interpretation
SC-19
Voice-over-Internet
protocol
The organization: (i) establishes
usage restrictions and
implementation guidance for
Voice-over-Internet Protocol
(VoIP) technologies based on the
potential to cause damage to the
information system if used
maliciously; and (ii) authorizes,
monitors, and controls the use of
VoIP within the information
system.
SC-20
Secure name/
address resolution
service
(authoritative
source)
The information system that
provides name/address resolution
service provides additional data
origin and integrity artifacts along
with the authoritative data it
returns in response to resolution
queries.
SC-21
Secure name/
address resolution
service (recursive
or caching resolver)
The information system that
provides name/address resolution
service for local clients performs
data origin authentication and
data integrity verification on the
resolution responses it receives
from authoritative sources when
requested by client systems.
SC-22
Architecture and
provisioning for
name/address
resolution service
The information systems that
collectively provide name/address
resolution service for an
organization are fault tolerant and
implement role separation.
SC-23
Session authenticity
The information system provides
mechanisms to protect the
authenticity of communications
sessions.
 
Search WWH ::




Custom Search