NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-4(1)Security Levels

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

This enhancement applies to systems that process data at different security classification levels. Shared resources must prevent data at one security level from leaking to users at a different level.

Example 1: On cross-domain systems, use certified cross-domain solutions (CDS) that sanitize shared memory and disk buffers between sessions operating at different classification levels.

Example 2: Configure your virtualization platform to use memory scrubbing between VM allocations so that a VM operating at one security level cannot recover memory contents from a VM that operated at a higher level.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability