SI-15

SI-15 INFORMATION OUTPUT FILTERING

Overview

Number	Title	Impact	Priority	Subject Area
SI-15	Information Output Filtering		P0	System And Information Integrity

Instructions
The information system validates information output from Assignment: organization-defined software programs and/or applications to ensure that the information is consistent with the expected content.

Guidance
Certain types of cyber attacks (e.g., SQL injections) produce output results that are unexpected or inconsistent with the output results that would normally be expected from software programs or applications. This control enhancement focuses on detecting extraneous content, preventing such extraneous content from being displayed, and alerting monitoring tools that anomalous behavior has been discovered.

Guidance

Certain types of cyber attacks (e.g., SQL injections) produce output results that are unexpected or inconsistent with the output results that would normally be expected from software programs or applications. This control enhancement focuses on detecting extraneous content, preventing such extraneous content from being displayed, and alerting monitoring tools that anomalous behavior has been discovered.

Enhancements