Reference: CMMC 2.11
Family: SC
Level Introduced: 2
Title: Shared Resource Control
Practice:
Prevent unauthorized and unintended information transfer via shared system resources.
CMMC Clarification:
No shared system resource such as cache memory, hard disks, registers, or main memory should be able to pass information from one user to another user. In other words, when objects are reused no residual information should exist on that object. This protects the confidentiality of the information. This is typically a feature provided by operating system and software vendors.
Example
You are the system administrator for your company. You are creating the system hardening procedures for your company's computers. To prevent unauthorized and unintended information transfer via shared resources, you include in your procedures steps to verify the operating system is configured correctly. You examine the Computer Configuration policies in the operating system and verify the settings match those documented in the hardening procedures.
Implementation Strategies
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.
NIST 800-171 Requirements (1)
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.
NIST 800-53 Controls (1)
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.