800-53|SI-10(3)

Title

PREDICTABLE BEHAVIOR

Description

The information system behaves in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.

Supplemental

A common vulnerability in organizational information systems is unpredictable behavior when invalid inputs are received. This control enhancement ensures that there is predictable behavior in the face of invalid inputs by specifying information system responses that facilitate transitioning the system to known states without adverse, unintended side effects.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: INFORMATION INPUT VALIDATION

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.8.1.2 Ensure 'Custom Markup Warning' is set to EnabledWindowsCIS Microsoft Office Word 2016 v1.1.0
1.8.1.2 Ensure 'Custom Markup Warning' is set to EnabledWindowsCIS Microsoft Office Word 2013 v1.1.0
10.19 Setting Security Lifecycle Listener (check for config component)UnixCIS Apache Tomcat 7 L1 v1.1.0
10.19 Setting Security Lifecycle Listener (check for config component)UnixCIS Apache Tomcat 7 L1 v1.1.0 Middleware
Big Sur - Must behave in predictable and documented mannerUnixNIST macOS Big Sur v1.4.0 - All Profiles
BIND-9X-001060 - A BIND 9.x caching name server must implement DNSSEC validation to check all DNS queries for invalid input - dnssec-enableUnixDISA BIND 9.x STIG v2r2
BIND-9X-001060 - A BIND 9.x caching name server must implement DNSSEC validation to check all DNS queries for invalid input - dnssec-validationUnixDISA BIND 9.x STIG v2r2
BIND-9X-001060 - A BIND 9.x caching name server must implement DNSSEC validation to check all DNS queries for invalid input - managed-keysUnixDISA BIND 9.x STIG v2r2
Catalina - Must behave in predictable and documented mannerUnixNIST macOS Catalina v1.5.0 - All Profiles
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker pathsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker servicesUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1
F5BI-AP-000229 - The BIG-IP APM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Access Policy Manager 11.x STIG v2r1
F5BI-AS-000229 - The BIG-IP ASM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Application Security Manager 11.x STIG v1r1
F5BI-LT-000229 - The BIG-IP Core implementation must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
MD3X-00-000780 - When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives.MongoDBDISA STIG MongoDB Enterprise Advanced 3.x v2r1 DB
MD4X-00-006200 - When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives.MongoDBDISA STIG MongoDB Enterprise Advanced 4.x v1r1 DB
Monterey - Must behave in predictable and documented mannerUnixNIST macOS Monterey v1.0.0 - All Profiles
VCPG-67-000024 - VMware Postgres must set client-side character encoding to UTF-8.UnixDISA STIG VMware vSphere 6.7 PostgreSQL v1r1
WDNS-SI-000002 - The Windows 2012 DNS Server must follow procedures to re-role a secondary name server as the master name server should the master name server permanently lose functionality.WindowsDISA Microsoft Windows 2012 Server DNS STIG v2r5