SC-30(4)—Misleading Information
>Control Description
The enterprise can convey misleading information as part of concealment and misdirection efforts to protect the information system being developed and the enterprise’s systems and networks. Examples of such efforts in security include honeynets or virtualized environments. Implementations can be leveraged to convey misleading information. These may be considered advanced techniques that require experienced resources to effectively implement them. If an enterprise decides to use honeypots, it should be done in concert with legal counsel or following the enterprise’s policies.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.