800-53|SC-11

Title

TRUSTED PATH

Description

The information system establishes a trusted communications path between the user and the following security functions of the system: [Assignment: organization-defined security functions to include at a minimum, information system authentication and re-authentication].

Supplemental

Trusted paths are mechanisms by which users (through input devices) can communicate directly with security functions of information systems with the requisite assurance to support information security policies. The mechanisms can be activated only by users or the security functions of organizational information systems. User responses via trusted paths are protected from modifications by or disclosure to untrusted applications. Organizations employ trusted paths for high-assurance connections between security functions of information systems and users (e.g., during system logons). Enforcement of trusted communications paths is typically provided via an implementation that meets the reference monitor concept.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: AC-16,AC-25

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P0

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.4 Set 'External send connector authentication: DNS Routing' to 'True'	Windows	CIS Microsoft Exchange Server 2013 Edge v1.1.0
1.4 Set 'External send connector authentication: DNS Routing' to 'True'	Windows	CIS Microsoft Exchange Server 2016 Edge v1.0.0
2.2.8 Ensure 'External send connector authentication: DNS routing' is set to 'True'	Windows	CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - Listen Port	Unix	Oracle WebLogic Server 12c Linux v2r1 Middleware
WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - Listen Port	Unix	Oracle WebLogic Server 12c Linux v2r1
WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - Listen Port	Windows	Oracle WebLogic Server 12c Windows v2r1
WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - SSL Listen Port	Unix	Oracle WebLogic Server 12c Linux v2r1
WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - SSL Listen Port	Windows	Oracle WebLogic Server 12c Windows v2r1
WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - SSL Listen Port	Unix	Oracle WebLogic Server 12c Linux v2r1 Middleware
WPAW-00-001700 - The Windows PAW must use a trusted channel for all connections between a PAW and IT resources managed from the PAW.	Windows	DISA MS Windows Privileged Access Workstation v2r3

Detections

Analytics