800-53|SC-30(5)

Title

CONCEALMENT OF SYSTEM COMPONENTS

Description

The organization employs [Assignment: organization-defined techniques] to hide or conceal [Assignment: organization-defined information system components].

Supplemental

By hiding, disguising, or otherwise concealing critical information system components, organizations may be able to decrease the probability that adversaries target and successfully compromise those assets. Potential means for organizations to hide and/or conceal information system components include, for example, configuration of routers or the use of honeynets or virtualization techniques.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Parent Title: CONCEALMENT AND MISDIRECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.1 Alter the Advertised server.info String	Unix	CIS Apache Tomcat 7 L2 v1.1.0
2.1 Alter the Advertised server.info String	Unix	CIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.2 Alter the Advertised server.number String	Unix	CIS Apache Tomcat 7 L2 v1.1.0
2.2 Alter the Advertised server.number String	Unix	CIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.3 Alter the Advertised server.built Date	Unix	CIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.3 Alter the Advertised server.built Date	Unix	CIS Apache Tomcat 7 L2 v1.1.0
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	Unix	CIS Apache Tomcat 7 L2 v1.1.0 Middleware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	Unix	CIS Apache Tomcat 7 L2 v1.1.0
3.1 Hide BIND Version String	Unix	CIS ISC BIND 9.0/9.5 v2.0.0
3.1.9 Disable instance discoverability	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.1.9 Disable instance discoverability	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.10 Disable instance discoverability - 'discover_inst = disable'	Unix	CIS IBM DB2 OS L2 v1.2.0
3.1.16 Disable database discovery	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.16 Disable database discovery	Unix	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.2.3 Disable database discover - 'discover_db = disable'	Unix	CIS IBM DB2 OS L2 v1.2.0
4.2 Remove Nameserver ID	Unix	CIS ISC BIND 9.0/9.5 v2.0.0
6.1 Hide BIND Version String	Unix	CIS BIND DNS v3.0.1 Caching Only Name Server
6.1 Hide BIND Version String	Unix	CIS BIND DNS v3.0.1 Authoritative Name Server
6.2 Hide Nameserver ID	Unix	CIS BIND DNS v3.0.1 Caching Only Name Server
6.2 Hide Nameserver ID	Unix	CIS BIND DNS v3.0.1 Authoritative Name Server
10.9 Do not allow custom header status messages	Unix	CIS Apache Tomcat 7 L2 v1.1.0
Server version information parameters should be turned off - 'ServerSignature Off'	Unix	TNS IBM HTTP Server Best Practice Middleware
Server version information parameters should be turned off - 'ServerSignature Off'	Windows	TNS IBM HTTP Server Best Practice
Server version information parameters should be turned off - 'ServerTokens Prod'	Windows	TNS IBM HTTP Server Best Practice
WG520 A22 - Web server and/or operating system information must be protected.	Unix	DISA STIG Apache Server 2.2 Unix v1r11 Middleware
WG520 A22 - Web server and/or operating system information must be protected.	Unix	DISA STIG Apache Server 2.2 Unix v1r11

Detections

Analytics