Invasive Testing SC_09_1_1

This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
Return to Main Page
Invasive Testing SC_09_1_1_12

FIPS 199 High Impact (for ICS)

Findings Color Code
Satisfied
Other Than Satisfied - not assessed
Other Than Satisfied - failed

NIST SP 800-53A SC-09(01) .01

Question: Did that review of source code for add-on mechanisms to use cryptography to protect the confidentiality of transmitted information modules implemented in the C or C++ programming language show the implementation avoids all dependence on null-terminated strings and instead uses counted strings ?

Answered by: BOSTON::KENNEDY

As part of Invasive Testing group: TEST_ADD_CONFIDENTIALITY_CRYPTO

Answer: YES

This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.