800-53|SC-4

Title

INFORMATION IN SHARED RESOURCES

Description

The information system prevents unauthorized and unintended information transfer via shared system resources.

Supplemental

This control prevents information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection. This control does not address: (i) information remanence which refers to residual representation of data that has been nominally erased or removed; (ii) covert channels (including storage and/or timing channels) where shared resources are manipulated to violate information flow restrictions; or (iii) components within information systems for which there are only single users/roles.

Reference Item Details

Related: AC-3,AC-4,MP-6

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P1

Baseline Impact: MODERATE,HIGH

Audit Items

Name | Plugin | Audit Name
1.1 Create a separate partition for containers | Unix | CIS Docker 1.11.0 v1.0.0 L1 Linux
1.1 Create a separate partition for containers | Unix | CIS Docker 1.12.0 v1.0.0 L1 Linux
1.1 Create a separate partition for containers | Unix | CIS Docker 1.13.0 v1.0.0 L1 Linux
1.1 Create a separate partition for containers | Unix | CIS Docker 1.6 v1.0.0 L1 Linux
1.1 Ensure a separate partition for containers has been created | Unix | CIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.1 Place Databases on Non-System Partitions | Windows | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | MySQLDB | CIS MySQL 5.7 Enterprise Database L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on Linux
1.1 Place Databases on Non-System Partitions | Windows | CIS MySQL 5.6 Community Windows OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Windows | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MySQL 5.6 Community Linux OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | MySQLDB | CIS MySQL 5.7 Community Database L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0
1.1 Place Databases on Non-System Partitions | MySQLDB | CIS MySQL 5.6 Enterprise Database L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MySQL 8.0 Community Linux OS L1 v1.1.0
1.1 Place Databases on Non-System Partitions | Unix | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L1 MySQL OS Linux
1.1 Place Databases on Non-System Partitions | MySQLDB | CIS MySQL 5.6 Community Database L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Windows | CIS MySQL 5.7 Community Windows OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MySQL 5.7 Community Linux OS L1 v2.0.0
1.1 Place Databases on Non-System Partitions | Unix | CIS MariaDB 10.6 on Linux L1 v1.1.0
1.1.1 Ensure a separate partition for containers has been created | Unix | CIS Docker v1.8.0 L1 OS Linux
1.2 Ensure Single-Function Member Servers are Used | MS_SQLDB | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine
1.2 Ensure Single-Function Member Servers are Used | Windows | CIS SQL Server 2017 Database L1 OS v1.3.0
1.2 Ensure Single-Function Member Servers are Used | MS_SQLDB | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS
1.2 Ensure Single-Function Member Servers are Used | MS_SQLDB | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine
1.2 Ensure Single-Function Member Servers are Used | Windows | CIS SQL Server 2016 Database L1 OS v1.4.0
1.2 Ensure Single-Function Member Servers are Used | MS_SQLDB | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS
1.4 UBTU-22-213010 | Unix | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT III
1.7 Ensure MariaDB is Run Under a Sandbox Environment | MySQLDB | CIS MariaDB 10.6 Database L2 v1.1.0
1.7 Ensure MariaDB is Run Under a Sandbox Environment | Unix | CIS MariaDB 10.6 on Linux L2 v1.1.0
1.7 Ensure MySQL is Run Under a Sandbox Environment | Unix | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL OS Linux
1.7 Ensure MySQL is Run Under a Sandbox Environment | Unix | CIS MySQL 8.0 Enterprise Linux OS L2 v1.4.0
1.7 Ensure MySQL is Run Under a Sandbox Environment | Unix | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 OS Linux
1.14 WN10-00-000060 | Windows | CIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.21 RHEL-09-213010 | Unix | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.22 RHEL-09-213015 | Unix | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.30 OL08-00-010190 | Unix | CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.45 UBTU-22-232145 | Unix | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.62 OL08-00-010375 | Unix | CIS Oracle Linux 8 STIG v1.0.0 CAT III
1.63 OL08-00-010376 | Unix | CIS Oracle Linux 8 STIG v1.0.0 CAT III
1.106 UBTU-24-600140 | Unix | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III
1.107 UBTU-24-600150 | Unix | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.156 RHEL-09-232240 | Unix | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.157 RHEL-09-232245 | Unix | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.157 WN16-DC-000120 | Windows | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.158 WN19-DC-000120 | Windows | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.158 WN22-DC-000120 | Windows | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.162 WN22-DC-000160 | Windows | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT III