Control: The information system establishes a trusted communications path between the user and the following security functions of the system: [Assignment: organization-defined security functions to include at a minimum, information system authentication and reauthentication].

Supplemental Guidance: A trusted path is employed for high-confidence connections between the security functions of the information system and the user (e.g., for login).

Control Enhancements: (0) None.

Baseline: LOW Not Selected MOD Not Selected HIGH Not Selected

Family: System And Communications Protection

Class: Technical

ISO 17799 mapping: 10.9.2

COBIT 4.1 mapping: DS5.11, AC6