CCC.C02: Ensure Data Encryption at Rest for All Stored Data
Objective:Ensure that all data stored is encrypted at rest to maintain
confidentiality and integrity.
Control Family:
Encryption
Threats:
| ID | Title | Description |
|---|---|---|
| CCC.TH01 | Access Control is Misconfigured | An attacker can exploit misconfigured access controls to grant excessive privileges or gain unauthorized access to sensitive resources. |
NIST CSF:
PR.DS-1
Control Mappings
CCM:
ISO_27001:
NIST_800_53:
SC-13
SC-28
Test Requirements
CCC.C02.TR01:When data is stored at rest, the service MUST be configured to
encrypt data at rest using the latest industry-standard encryption
methods.
TLP:
tlp_clear
tlp_green
tlp_amber
tlp_red