SC.L2-3.13.3
SC.L2-3.13.3: Security Function Isolation
Separate user functionality from system management.
SC.L2-3.13.4
SC.L2-3.13.4: Shared Resource Control
Prevent unauthorized or unintended information transfer via shared resources.
SC.L2-3.13.5
SC.L2-3.13.5: Public-Access System Separation
Deny network communications traffic by default on external interfaces.
SC.L2-3.13.6
SC.L2-3.13.6: Network Communication by Exception
Deny network communications by default, allow by exception.
SC.L2-3.13.7
SC.L2-3.13.7: Split Tunneling
Prevent remote devices from simultaneously establishing non-remote connections.
SC.L2-3.13.9
SC.L2-3.13.9: Network Disconnect
Terminate network connections at end of session or after inactivity.
SC.L2-3.13.10
SC.L2-3.13.10: Key Management
Establish and manage cryptographic keys.
SC.L2-3.13.11
SC.L2-3.13.11: CUI Encryption
Employ FIPS-validated cryptography for CUI.
SC.L2-3.13.12
SC.L2-3.13.12: Collaborative Computing
Prohibit remote activation of collaborative computing devices.
SC.L2-3.13.13
SC.L2-3.13.13: Mobile Code
Control and monitor the use of mobile code.
SC.L2-3.13.14
SC.L2-3.13.14: Voice over Internet Protocol
Control and monitor the use of VoIP.
SC.L2-3.13.15
SC.L2-3.13.15: Communications Authenticity
Protect the authenticity of communications sessions.
SC.L2-3.13.16
SC.L2-3.13.16: Data at Rest
Protect CUI at rest.