SC.L2-3.13.1
SC.L2-3.13.1: Boundary Protection
Monitor, control, and protect communications at the external boundaries and key internal boundaries of organizational systems.
SC.L2-3.13.2
SC.L2-3.13.2: Security Engineering Principles
Build security into your systems from the start, not as an afterthought
SC.L2-3.13.3
SC.L2-3.13.3: Security Function Isolation
Separate user functionality from system management.
SC.L2-3.13.4
SC.L2-3.13.4: Shared Resource Control
Prevent unauthorized or unintended information transfer via shared resources.
SC.L2-3.13.5
SC.L2-3.13.5: Public-Access System Separation
Deny network communications traffic by default on external interfaces.
SC.L2-3.13.6
SC.L2-3.13.6: Network Communication by Exception
Deny network communications by default, allow by exception.
SC.L2-3.13.7
Split Tunneling and VPN Requirements: SC.L2-3.13.7 Guide
Prevent remote devices from simultaneously establishing non-remote connections.
SC.L2-3.13.8
SC.L2-3.13.8: CUI in Transit
Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission.
SC.L2-3.13.9
SC.L2-3.13.9: Network Disconnect
Terminate network connections at end of session or after inactivity.
SC.L2-3.13.10
SC.L2-3.13.10: Key Management
Establish and manage cryptographic keys.
SC.L2-3.13.11
SC.L2-3.13.11: CUI Encryption
Employ FIPS-validated cryptography for CUI.
SC.L2-3.13.12
Controlling Teams, Zoom, and Webcams: SC.L2-3.13.12 Guide
Prohibit remote activation of collaborative computing devices.
SC.L2-3.13.13
SC.L2-3.13.13: Mobile Code
Control and monitor the use of mobile code.
SC.L2-3.13.14
SC.L2-3.13.14: Voice over Internet Protocol
Control and monitor the use of VoIP.
SC.L2-3.13.15
SC.L2-3.13.15: Communications Authenticity
Protect the authenticity of communications sessions.
SC.L2-3.13.16
SC.L2-3.13.16: Data at Rest
Protect CUI at rest.