SC-40(1)—Electromagnetic Interference
>Control Description
>Supplemental Guidance
The implementation of cryptographic mechanisms for electromagnetic interference protects systems against intentional jamming that might deny or impair communications by ensuring that wireless spread spectrum waveforms used to provide anti-jam protection are not predictable by unauthorized individuals. The implementation of cryptographic mechanisms may also coincidentally mitigate the effects of unintentional jamming due to interference from legitimate transmitters that share the same spectrum. Mission requirements, projected threats, concept of operations, and laws, executive orders, directives, regulations, policies, and standards determine levels of wireless link availability, cryptography needed, and performance.
>Related Controls
>Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- •What policies govern the implementation of electromagnetic interference?
- •How are system and communications protection requirements defined and maintained?
- •Who is responsible for configuring and maintaining the security controls specified in SC-40(1)?
- •What is your cryptographic key management policy?
Technical Implementation:
- •How is electromagnetic interference technically implemented in your environment?
- •What systems, tools, or configurations enforce this protection requirement?
- •How do you ensure that electromagnetic interference remains effective as the system evolves?
- •What encryption mechanisms and algorithms are used to protect data?
Evidence & Documentation:
- •What documentation demonstrates the implementation of SC-40(1)?
- •Can you provide configuration evidence or system diagrams showing this protection control?
- •What logs or monitoring data verify that this control is functioning correctly?
- •Can you demonstrate that FIPS 140-2 validated cryptography is used?
Ask AI
Configure your API key to use AI features.