>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SI-3(9)Malicious Code Protection

Operational

>Control Description

MALICIOUS CODE PROTECTION | AUTHENTICATE REMOTE COMMANDS The information system implements organization-defined security safeguards to authenticate organization-defined remote commands.

>Supplemental Guidance

This control enhancement protects against unauthorized commands and replay of authorized commands. This capability is important for those remote information systems whose loss, malfunction, misdirection, or exploitation would have immediate and/or serious consequences (e.g., injury or death, property damage, loss of high-valued assets or sensitive information, or failure of important missions/business functions). Authentication safeguards for remote commands help to ensure that information systems accept and execute in the order intended, only authorized commands, and that unauthorized commands are rejected.

Cryptographic mechanisms can be employed, for example, to authenticate remote commands. Related controls: SC-12, SC-13, SC-23.

>Tailoring Guidance

This security control/enhancement specifies the use of an automated mechanism. While there are obvious benefits to the use of such mechanisms, in most cases the use of manual mechanisms will suffice.

Ask AI

Configure your API key to use AI features.