CCC.C01: Prevent Unencrypted Requests
Objective:Ensure that all communications are encrypted in transit to protect data
integrity and confidentiality.
Control Family:
Data
Threats:
| ID | Title | Description |
|---|---|---|
| CCC.TH02 | Data is Intercepted in Transit | In the event that encrypted communication is not properly in effect, an attacker can intercept traffic between clients and the service to read or modify the data during transmission. |
NIST CSF:
PR.DS-02
Control Mappings
CCM:
IVS-03
IVS-07
ISO_27001:
2013 A.13.1.1
NIST_800_53:
SC-8
SC-13
Test Requirements
CCC.C01.TR01:When a port is exposed for non-SSH network traffic, all traffic MUST
include a TLS handshake AND be encrypted using TLS 1.2 or higher.
TLP:
tlp_clear
tlp_green
tlp_amber
tlp_red
CCC.C01.TR02:When a port is exposed for SSH network traffic, all traffic MUST
include a SSH handshake AND be encrypted using SSHv2 or higher.
TLP:
tlp_clear
tlp_green
tlp_amber
tlp_red