AC-4(15)—Information Flow Enforcement
Secret (P1)
Technical
>Control Description
INFORMATION FLOW ENFORCEMENT | DETECTION OF UNSANCTIONED INFORMATION The information system, when transferring information between different security domains, examines the information for the presence of ⚙organized-defined unsanctioned information and prohibits the transfer of such information in accordance with the ⚙organization-defined security policy.
>Supplemental Guidance
Detection of unsanctioned information includes, for example, checking all information to be transferred for malicious code and dirty words. Related control: SI-3.
>Tailoring Guidance
This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis.
Ask AI
Configure your API key to use AI features.