home || catalog: SP800-53rev3 / class: Technical / family: (SC) System and Communications Protection ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC

SC-01
SC-02
SC-03
SC-04
SC-05
SC-06
SC-07
SC-08
SC-09
SC-10
SC-11
SC-12
SC-13
SC-14
SC-15
SC-16
SC-17
SC-18
SC-19
SC-20
SC-21
SC-22
SC-23
SC-24
SC-25
SC-26
SC-27
SC-28
SC-29
SC-30 *
SC-31
SC-32
SC-33

SI
MMMMM

  SC-30: Virtualization Techniques  

base control objective:
The organization employs virtualization techniques to present information system components as other types of components, or components with differing configurations.

supplemental objective information:
Virtualization techniques provide organizations with the ability to disguise information systems, potentially reducing the likelihood of successful attacks without the cost of having multiple platforms.

enhancements to the base objective:

(1) The organization employs virtualization techniques to support the deployment of a diversity of operating systems and applications that are changed [Assignment: organization-defined frequency].
Enhancement Supplemental Guidance: While frequent changes to operating systems and applications pose configuration management challenges, the changes result in an increased work-factor for adversaries in order to carry out successful attacks. Changing the apparent operating system or application, as opposed to the actual operating system or application, results in virtual changes that still impede attacker success while helping to reduce the configuration management effort.

(2) The organization employs randomness in the implementation of the virtualization techniques.

mapping to FIPS199 baseline:

  LOW: null     MOD: null     HIGH: null  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for SC-30:

None.

Document Date Status Title

Search SP800-53rev3 catalog: