SC-30(5): Concealment Of System Components

Threats Addressed:


(Not part of any baseline)

Next Version:

Control Statement

The organization employs [Assignment: organization-defined techniques] to hide or conceal [Assignment: organization-defined information system components].

Supplemental Guidance

By hiding, disguising, or otherwise concealing critical information system components, organizations may be able to decrease the probability that adversaries target and successfully compromise those assets. Potential means for organizations to hide and/or conceal information system components include, for example, configuration of routers or the use of honeynets or virtualization techniques.