SC-5(2): Excess Capacity / Bandwidth / Redundancy

Control Family:

System And Communications Protection

Parent Control:

SC-5: Denial Of Service Protection

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.DS-4
DE.CM-1

Threats Addressed:

Denial of Service

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-5(2): Capacity, Bandwidth, and Redundancy

Control Statement

The information system manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding denial of service attacks.

Supplemental Guidance

Managing excess capacity ensures that sufficient capacity is available to counter flooding attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.