>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-4(5)Information Flow Enforcement

Technical

>Control Description

INFORMATION FLOW ENFORCEMENT | EMBEDDED DATA TYPES The information system enforces organization-defined limitations on embedding data types within other data types.

>Supplemental Guidance

Embedding data types within other data types may result in reduced flow control effectiveness. Data type embedding includes, for example, inserting executable files as objects within word processing files, inserting references or descriptive information into a media file, and compressed or archived data types that may include multiple embedded data types. Limitations on data type embedding consider the levels of embedding and prohibit levels of data type embedding that are beyond the capability of the inspection tools.

>Tailoring Guidance

This security control/enhancement specifies a very specialized and/or advanced capability that is not required for all systems. Consequently, inclusion in a departmental profile is made on a case by case basis.

Ask AI

Configure your API key to use AI features.