AC-4(24): Internal Normalized Format
(Not part of any baseline)
Control is new to this version of the control set.
When transferring information between different security domains, parse incoming data into an internal normalized format and regenerate the data to be consistent with its intended specification.
Converting data into normalized forms is one of most of effective mechanisms to stop malicious attacks and large classes of data exfiltration.