SEA — Secure Engineering & Architecture
44 controls in the Secure Engineering & Architecture domain
SEA-01Secure Engineering Principles
SEA-01.1Centralized Management of Cybersecurity & Data Protection Controls
SEA-01.2Achieving Resilience Requirements
SEA-01.3Resilience Capabilities
SEA-02Alignment With Enterprise Architecture
SEA-02.1Standardized Terminology
SEA-02.2Outsourcing Non-Essential Functions or Services
SEA-02.3Technical Debt Reviews
SEA-03Defense-In-Depth (DiD) Architecture
SEA-03.1System Partitioning
SEA-03.2Application Partitioning
SEA-04Process Isolation
SEA-04.1Security Function Isolation
SEA-04.2Hardware Separation
SEA-04.3Thread Separation
SEA-04.4System Privileges Isolation
SEA-05Information In Shared Resources
SEA-06Prevent Program Execution
SEA-07Predictable Failure Analysis
SEA-07.1Technology Lifecycle Management
SEA-07.2Fail Secure
SEA-07.3Fail Safe
SEA-08Non-Persistence
SEA-08.1Refresh from Trusted Sources
SEA-09Information Output Filtering
SEA-09.1Limit Personal Data (PD) Dissemination
SEA-10Memory Protection
SEA-11Honeypots
SEA-12Honeyclients
SEA-13Heterogeneity
SEA-13.1Virtualization Techniques
SEA-14Concealment & Misdirection
SEA-14.1Randomness
SEA-14.2Change Processing & Storage Locations
SEA-15Distributed Processing & Storage
SEA-16Non-Modifiable Executable Programs
SEA-17Secure Log-On Procedures
SEA-18System Use Notification (Logon Banner)
SEA-18.1Standardized Microsoft Windows Banner
SEA-18.2Truncated Banner
SEA-19Previous Logon Notification
SEA-20Clock Synchronization
SEA-21Application Container
SEA-22Privileged Environments