STIGViewer Trial workspace — loading your subscription…

NIST 800-53 Rev 5

424 controls available

SC-8moderatehigh

Transmission Confidentiality and Integrity

System and Communications Protection

Control Statement

Protect the {{ insert: param, sc-08_odp }} of transmitted information.

Discussion

Protecting the confidentiality and integrity of transmitted information applies to internal and external networks as well as any system components that can transmit information, including servers, notebook computers, desktop computers, mobile devices, printers, copiers, scanners, facsimile machines, and radios. Unprotected communication paths are exposed to the possibility of interception and modification. Protecting the confidentiality and integrity of information can be accomplished by physical or logical means. Physical protection can be achieved by using protected distribution systems. A protected distribution system is a wireline or fiber-optics telecommunications system that includes terminals and adequate electromagnetic, acoustical, electrical, and physical controls to permit its use for the unencrypted transmission of classified information. Logical protection can be achieved by employing encryption techniques. Organizations that rely on commercial providers who offer transmission services as commodity services rather than as fully dedicated services may find it difficult to obtain the necessary assurances regarding the implementation of needed controls for transmission confidentiality and integrity. In such situations, organizations determine what types of confidentiality or integrity services are available in standard, commercial telecommunications service packages. If it is not feasible to obtain the necessary controls and assurances of control effectiveness through appropriate contracting vehicles, organizations can implement appropriate compensating controls.

Framework
NIST SP 800-53 Rev 5
Family
System and Communications Protection
Baselines
moderate, high

Related Frameworks

4 paths across 2 frameworks
NIST 800-1711 mapping
3.13.8
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI3 mappings
CCI-002418
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002419
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002421
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

98 STIGs reach this control through 11 CCIs. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

5 STIGs

Operating System — Server

26 STIGs
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-197 of 216 findings match
Show 18 more STIGs in this category →
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-174 of 448 findings match
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-133 of 375 findings match
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-191 of 103 findings match
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-061 of 283 findings match

Operating System — Mainframe

1 STIG
CA IDMS Security Technical Implementation Guide
V2R12024-09-134 of 74 findings match

Network Device

14 STIGs
Domain Name System (DNS) Security Requirements Guide
V4R22025-12-194 of 119 findings match
BIND 9.x Security Technical Implementation Guide
V3R22026-02-251 of 73 findings match
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-221 of 41 findings match
Show 6 more STIGs in this category →
F5 NGINX Security Technical Implementation Guide
V1R12026-01-071 of 32 findings match
Router Security Requirements Guide
V5R22025-09-101 of 123 findings match

Database

12 STIGs
Database Security Requirements Guide
V4R52026-02-262 of 142 findings match
Show 4 more STIGs in this category →

Web / Application Server

16 STIGs
Web Server Security Requirements Guide
V4R42025-09-1012 of 126 findings match
Application Server Security Requirements Guide
V4R42025-09-105 of 137 findings match
Show 8 more STIGs in this category →

Virtualization / Container

13 STIGs

Cloud / Identity Service

1 STIG

Endpoint Security Management

9 STIGs
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-204 of 34 findings match
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-143 of 98 findings match
BlackBerry UEM Security Technical Implementation Guide
V2R12020-12-041 of 16 findings match
Central Log Server Security Requirements Guide
V3R42026-02-121 of 127 findings match
Show 1 more STIG in this category →

Uncategorized

1 STIG