System and Communications Protection Policy and Procedures (SC-1)

The university has documented policies and supporting processes for defining and enforcing requirements to protect data transmissions and system-to-system communications, including analyzing the identity of communicators.

Denial of Service Protection (SC-5)

The purpose of this Control is to prevent or mitigate denial of service attacks on University networks.

Boundary Protection (SC-7)

This Control addresses how the university monitors and controls networks at the external boundary of the network and at key internal boundaries within the network.

Transmission Confidentiality and Integrity (SC-8)

Confidential and University-Internal information that is transmitted over a public network (e.g.: the Internet) must be protected.

Cryptographic Key Establishment and Management (SC-12)

When encryption is used, appropriate key management procedures are crucial. The university is responsible to manage cryptographic keys for required cryptography employed within the university using automated mechanisms with supported procedures.

Cryptographic Protection (SC-13)

The university uses public and private keys, along with other cryptographic mechanisms according to applicable federal laws, executive orders, directives, policies, regulations, and standards.

Collaborative Computing Devices (SC-15)

This Control ensures that collaborative computing devices (networked white boards, cameras, microphones) installed in common use spaces provide an explicit indication of use to users physically present in the room.

Secure Name/Address Resolution Service (Authoritative Source) (SC-20)

This Control addresses how information resource owners and custodians provide additional data origin and integrity artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.

Secure Name/Address Resolution Service (Recursive or Caching Resolver) (SC-21)

This Control addresses how information resource owners and custodians request and perform data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources.

Architecture and Provisioning for Name/Address Resolution Service (SC-22)

This Control addresses how information resources that provide name/address resolution are fault-tolerant and provide redundant architecture.

Process Isolation (SC-39)

This Control addresses how to ensure segregation of communications and interfaces between the systems processes.