System and Communications Protection Policy and Procedures (SC-1)

The university has documented policies and supporting processes for defining and enforcing requirements to protect data transmissions and system-to-system communications, including analyzing the identity of communicators.

Denial of Service Protection (SC-5)

The purpose of this Control is to prevent or mitigate denial of service attacks on University networks.

Boundary Protection (SC-7)

This Control addresses how the university monitors and controls networks at the external boundary of the network and at key internal boundaries within the network.

Transmission Confidentiality and Integrity (SC-8)

Confidential information that is transmitted over a public network (e.g.: the Internet) must be protected.

Cryptographic Protection (SC-13)

The purpose of this Control is to provide guidance to all Texas A&M University employees regarding the use of encryption to protect the university’s information resources that contain, process, or transmit confidential information, protected health information (PHI) or controlled data (See Control RA-2, Security Categorization).

Collaborative Computing Devices (SC-15)

This Control addresses protection of collaborative computing devices to prevent unauthorized access.

Secure Name/Address Resolution Service (Authoritative Source) (SC-20)

This Control addresses how information resource owners and custodians provide additional data origin and integrity artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.

Secure Name/Address Resolution Service (Recursive or Caching Resolver) (SC-21)

This Control addresses how information resource owners and custodians request and perform data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources.

Architecture and Provisioning for Name/Address Resolution Service (SC-22)

This Control addresses how information resources that provide name/address resolution are fault-tolerant and provide redundant architecture.

Process Isolation (SC-39)

This Control addresses how to ensure segregation of communications and interfaces between the systems processes.